[Snort-users] Acid Issues with snort

Slighter, Tim tslighter at ...5174...
Thu Sep 5 13:21:01 EDT 2002


Yes, I have done this but that was a scenario where I could not get the
archive to work correctly.  Whenever I tried to add in more events into the
archive database, it would generate an error about duplicate alerts and
would not move them.  ACID 0.9.6b20 fixed this problem AND,  since I never
did get any response from Danyliw after numerous posts to the mailing list
and the archives as well as emails directly to him,  I was forced to move to
that version of ACID.  

As mentioned, since doing this, I now am having the AG problems.  

Thanks for the suggestions though

-----Original Message-----
From: Kevin Brown [mailto:Kevin.M.Brown at ...1022...]
Sent: Thursday, September 05, 2002 1:54 PM
To: 'Slighter, Tim'; 'snort-users at lists.sourceforge.net'
Subject: RE: [Snort-users] Acid Issues with snort


Have you tried ACID with PHP 4.2.2 and Apache 1.3.x?  Last I heard there
were still issues with PHP and Apache 2.0.x.

Also try getting the latest version of ACID (0.9.6b22) from CVS

-----Original Message-----
From: Slighter, Tim [mailto:tslighter at ...5174...]
Sent: Thursday, September 05, 2002 12:05 PM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] Acid Issues with snort


I have installed the latest releases of everything:

PHP 4.30
ACID 0.9.6b21
Apache 2.0.40
mySQL 4.0.3
Adodb 231
GD 1.8.4
Phplot 4.4.6


 on a new system and have documented and witnessed the following anomalies:

While the archiving feature now works, even with duplicate events/alerts,
now the AG Maintenance has some issues.  When a new AG is created, only the
ID shows up and no name.  Attempting to edit the AG or delete it and create
a new one, does not fix this problem.  The name and description do NOT show
up.  

The other issue is the graph tool.  This did work in the previous release
for ACID prior to ACID 0.9.6b20 but now the graphs do not render and present
broken graphics.  Guessing it has something to do with extracting the data
from an AG, which are not functioning correctly.

Anyone seen this or know of a "known" workaround ?

Thanks




More information about the Snort-users mailing list