[Snort-users] NEW db & ACID

Steve Halligan agent33 at ...187...
Fri Mar 23 14:04:43 EST 2001


Short answer:  Wait a bit.  Roman is working on making these changes to
acid.  I looked through it and the changes needed are fairly extensive.  If
you use Brian Caswell's "ghetto" patch and the old db struct, acid will work
as it always did.  If you use the new db struct, acid still works, but you
only see a number for the sig description.  I did a quick hack to acid to
get the full sig name to show up in the main alert view, and could provide
it if anyone wants.  But it is just a hack and does not take care of 99% of
the changes to the db struct.

-Steve

> -----Original Message-----
> From: F.M. Taylor [mailto:root at ...28...]
> Sent: Friday, March 23, 2001 9:58 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] NEW db & ACID
> 
> 
> Sorry if I have not been paying attention lately.  Upgraded 
> to the latest
> CVS this morning, reloaded the database stuff.  Now what do I 
> have to do
> to ACID to make it work with the new db??
> 
> TIA
> 
> ---
> Mike Taylor
> Coordinator of Systems Administration and Network Security
> Indiana State University.               Rankin Hall Rm 039
> 210 N 7th St.                           Terre Haute, IN.
> Voice: 812-237-8843                                  47809
> ---
> "You have zero privacy anyway.  Get over it."
>            --Scott McNealy, Sun MicroSystems. 
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 




More information about the Snort-users mailing list