[Snort-users] NEW db & ACID

roman at ...438... roman at ...438...
Mon Mar 26 00:50:26 EST 2001


Karl,

This feature is now implemented in version 0.9.6b7.

enjoy,
Roman

> Roman,
> 
> Is there a requested feature list for ACID. If not would it be possible
> to implement a top 10 or 50 list vor most frequent IP adresses (from or to)
> in ACID.
> It would be more easy to detect for instance scans on your systems.
> 
> Cheers,
> Karl
> 
> 
> DISCLAIMER: This email is confidential and contains information
> some or all of which may be legally privileged for the intended
> recipient only. If you have received this message in error please
> notify the sender. You must not use, disclose, distribute, copy, print,
> or rely on the stated or implied contents.The email and any
> attachments have been scanned for viruses by INU Consultancy,
> however we cannot guarantee that emails do not contain
> a virus. Please visit www.inu.nl for contact information.
> 
> 
> -----Oorspronkelijk bericht-----
> Van: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net]Namens roman at ...438...
> Verzonden: vrijdag 23 maart 2001 14:42
> Aan: Kevin.Brown at ...1022...
> CC: snort-users at lists.sourceforge.net
> Onderwerp: Re: [Snort-users] NEW db & ACID
> 
> 
> With the help of Cornett Wood (cornett at ...1649...) ACID
> now supports the Snort rule reference tags.  Download
> version 0.9.6b6 from acidlab.sourceforge.net.
> 
> Signatures are now always printed as follows:
> 
> [reference1] ... [reference-n] <Signature Name>
> 
> Where [reference-x] is hyperlinked text like "butraq", "cve",  etc.
> pointing to the appropriate link on the site.
> 
> Thanks for all those who submitted workaround patches!  What
> still remains is a better system to include custom references in
> ACID (i.e. how to store the reference URL), and fixing any
> signature sorting which broke under this scheme.
> 
> Note: the ACID cvs appears to be in an inconsistent state.
> I will work on this.
> 
> Roman
> 
> > To my knowledge there is no version of ACID for the new schema as yet.
> >
> > > Sorry if I have not been paying attention lately.  Upgraded to the
> latest
> > > CVS this morning, reloaded the database stuff.  Now what do I have to do
> > > to ACID to make it work with the new db??
> >
> >
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > http://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> 
> 
> 
> ---------------------------------------------
> This message was sent using Voicenet WebMail.
>       http://www.voicenet.com/webmail/
> 
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 



---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-users mailing list