[Snort-users] ACID v0.9.5b6 - news

Frank Reid fcreid at ...691...
Tue Oct 31 20:28:08 EST 2000


Roman,

Are the problems with alert deletion a rights issue to the database or
something deeper in your code?  I saw someone mention they are using the
alert deletion feature successfully.  I'd tried (FreeBSD, MySQL and ACID
v0.9.5b6) and received the "Error deleting alert ..." message.  Don't want
to play with the recommended rights on the database itself, unless that's
the root of the problem.  Thanks in advance.

Frank

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Roman
Danyliw
Sent: Monday, October 30, 2000 11:42
To: snort-users at lists.sourceforge.net
Cc: stuart at ...726...; jeff_seely at ...726...; jed at ...153...
Subject: [Snort-users] ACID v0.9.5b6 - news


Greetings all,

There have been a significant number of new features added to ACID as of
v0.9.5b6, and although some of the functionality is still beta,
(e.g. deleting) I urge users to upgrade from 0.9.4.

Currently, this latest version can only be downloaded from the mirror:

http://www.andrew.cmu.edu/~rdanyliw/snort/

In addition to the new code, some documentation has also been added
covering the use of the new features.

The added features (since 0.9.4) include the following:

  - added alert groups (AG)
  - aggregate stats based on sensor (Stuart Stock <stuart at ...726...>)
  - added alert purging
  - added stats for single IP address (# of alerts, sensors) and whois
    lookups (Jeff Seeley <jeff_seely at ...726...>)
  - added ability to list unique IP addresses on a particular query
  - added sensor name as a search criteria
  - added AG name as a search criteria
  - added snapshot: today's alerts
  - automated ACID's table and index creation
  - added sort criteria for the search results (timestamp, signature)

  - fixed bug in alert arrival time graph when # of alerts was less than
    1%
  - generalized the IP proto decode
  - fixed bug in criteria description when printing 'Last X' alerts
  - updated DB check version code to be aware of new AG tables
  - main and last-X alerts page refresh
  - signatures hyperlink to CVE or whitehats (Paul Harrington
    <paul at ...13...>)
  - fixed bug in flags search criteria where PSH and RST were transposed
    (reported: Jed Pickel <jed at ...153...>)
  - fixed bug associated with using '_'-character in style sheet classes
    which caused them not to be valid under certain configurations.
    (solution reported by: Jed Pickel <jed at ...153...>)
  - improved human-readable criteria description for queries (added
    output when TCP flags are criteria, removed extraneous blank lines)

Any bug reports, feedback, or suggestions are appreciated.

cheers,
Roman
