[Snort-users] ACID 0.9.5 Released

Guillaume Arcas guillaume at ...1168...
Fri Jan 19 03:18:38 EST 2001


Roman Danyliw wrote:

> Greetings!
>
> ACID 0.9.5, a recommended major upgrade, has been released.  The following
> are the changes from the previous version (0.9.4):
>
> ** New Functionality
>   - Alert Groups (AG): logically group or annotate alerts
>   - Emailing query results
>   - Alert purging: delete old alerts or false positives
>   - New Search criteria: Sensor, Alert Group, IP address as either
>                          src/dest (and inputted as either octets or
>                          string)
>
> ** New Snapshots/Quick Queries
>   - Today's alerts
>   - Today's unique alerts
>   - Most recent unique alerts
>   - Most frequent alerts
>
> ** New Statistics
>   - Aggregated stats on the sensors
>   - Aggregated stats per single IP address
>   - Unique IP addresses list from query results
>
> ** Many bug fixes!
>
> Check out the CHANGELOG for the full details.  Likewise, several new
> configuration parameters have been added to tweak the appearance and
> behavior of ACID.  It is highly recommended to read the new parameter
> documentation.
>

Hi!

I take your message as an opportunity to ask if there is space in this
mailing list for discussion about daily usage of ACID. I have been using it for
a month and surely am one of your most enthusiastic fan(s) in France!! :-)

More seriously, I would like to expand the usage of ACID sensors to build a
Distributed IDS for a large network (with a lot of those f*!#@* things called
switches!! :-)).

Does anyone here have any experience with that?

Best regards.

Guillaume.

PS: are there smart animated powered-by pics for ACID hosts? :-)




