[Snort-users] mySQL database and snort

Frank Carreiro fcarreiro at ...4629...
Thu Jan 24 08:59:16 EST 2002


I'm running snort with a mySQL backend.  Does anyone have any 
tips/thoughts/comments on how to automate maintaince of the database? 
 Basically I'd like to remove snort entries older than 30/60 days.  I'm 
hoping someone has already come up with a solution.  I'm still playing 
around with sql scripting.  Haven't been able to figure it out (yet).

Also, there are some entries / attacks I'd like to learn more about. 
 For example I seen an entry for the ICMP ping speedra and would like to 
learn more about what this is.  Whitehat.com website doesn't resolve and 
ARIS didn't have anything.

Much appeciated.  Excellent product guys!

Frank







More information about the Snort-users mailing list