[Snort-users] Couple of weird acid issues

roman at ...438... roman at ...438...
Wed Oct 24 13:17:06 EDT 2001


- The error with the local whois lookup should be fixed in CVS.

- ACID used to have a similar error with alert actions with DB schema
v103-4.  Could you enable debug_mode ($debug_mode = 1) and send me the    
output?

Roman

On Wed, 24 Oct 2001, Mike Shaw wrote:

> Anyone else seen these behaviors?
> 
> (Acid 0.9.6b16, Snort 1.7, OpenBSD 2.9-stable, MySQL 3.23.37)
> 
> On an alert listing page--checking the box on an alert group, selecting  
> "Delete Alert(s)" and then hitting "selected" results in "No alerts were 
> selected or the DELETE was not successful".  But if I go in to the "Query
> results" page, select "Delete Alert(s)" and hit "entire query" I get
> "Successful DELETE - 1234 alert(s)" (it works).
> 
> On the acid_stat_ipaddr.php page, when doing a local whois on an IP, I get
> "Database ERROR:You have an error in your SQL syntax near 's, and related
> POC's. Please use the whois server at rs.internic.net for DOMAIN ' at line 1"
> 
> When archiving (move) items, I get "Ignored 1234 duplicate alert(s)" and   
> "No alerts were selected or the ARCHIVE-move was not successful", no matter
> how I select the alerts.
>
> Any insight would be appreciated.
>
> -Mike



---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-users mailing list