[Snort-users] Snort, MySQL, Acid
tsevy at ...1701...
Fri May 3 08:08:06 EDT 2002
Did you try a BPF filter?
From: Redman, Ken [mailto:ken.redman at ...5424...]
Sent: Friday, May 03, 2002 10:50 AM
To: Snort Users List (E-mail)
Subject: [Snort-users] Snort, MySQL, Acid
This question is more of a database questions, but it is reliant on the way
Snort populates the data in MySQL.
Redhat 7.2 with all Bugfixes and security patches up to date.
I have put in a rule to ignore the IP address that I do all my Pen-testing
from. However, 80% of all alerts in MySQL/Acid are from my one IP address.
Therefore I want to remove all instances of those entries from MySQL and
Acid. Is this is possible "How do I do this?" and will I end up corrupting
Thanks in advance for any light than can be shed on this.
More information about the Snort-users