[Snort-users] ACID v0.9.5b6 - news
roman at ...438...
Mon Oct 30 11:42:02 EST 2000
There have been a significant number of new features added to ACID as of
v0.9.5b6, and although some of the functionality is still beta,
(e.g. deleting) I urge users to upgrade from 0.9.4.
Currently, this latest version can only be downloaded from the mirror:
In addition to the new code, some documentation has also been added
covering the use of the new features.
The added features (since 0.9.4) include the following:
- added alert groups (AG)
- aggregate stats based on sensor (Stuart Stock <stuart at ...726...>)
- added alert purging
- added stats for single IP address (# of alerts, sensors) and whois
lookups (Jeff Seeley <jeff_seely at ...726...>)
- added ability to list unique IP addresses on a particular query
- added sensor name as a search criteria
- added AG name as a search criteria
- added snapshot: today's alerts
- automated ACID's table and index creation
- added sort criteria for the search results (timestamp, signature)
- fixed bug in alert arrival time graph when # of alerts was less than
- generalized the IP proto decode
- fixed bug in criteria description when printing 'Last X' alerts
- updated DB check version code to be aware of new AG tables
- main and last-X alerts page refresh
- signatures hyperlink to CVE or whitehats (Paul Harrington
<paul at ...13...>)
- fixed bug in flags search criteria where PSH and RST were transposed
(reported: Jed Pickel <jed at ...153...>)
- fixed bug associated with using '_'-character in style sheet classes
which caused them not to be valid under certain configurations.
(solution reported by: Jed Pickel <jed at ...153...>)
- improved human-readable criteria description for queries (added
output when TCP flags are criteria, removed extraneous blank lines)
Any bug reports, feedback, or suggestions are appreciated.