[Snort-users] Re. MS-SQL, ACID and PHP.

Roman Danyliw roman at ...438...
Thu Sep 5 14:13:03 EDT 2002


I think there is some confusion about the role of the various components.

- Snort is the IDS that detects the activity of interest and logs it to a
database.  The supported database types are: MySQL, PostgreSQL, MS SQL Server,
Oracle, and ODBC.  See snort.org for general details and the following URL for
database specific configuration:

> >http://www.andrew.cmu.edu/~rdanyliw/snort/snortdb/snortdb.html

- ACID is a tool written in PHP that will examine the events that Snort logged
to the database.  The supported database types are: MySQL, PostgreSQL, and MS
SQL Server.  See acidlab.sourceforge.net for documentation details.

Roman

On Thu, 05 Sep 2002 15:58:34 -0400, "Dhruv Chandra" <dhruvc at ...125...> wrote :

> 
> Hi Roman
> 
> Thanks for the help.
> 
> I still have some questions (Unfortunately I am not the brightest guy in 
> town)
> 
> When you say that SNORT and ACID both natively support MS SQL ... & hence 
> don't require any PHP script.... does that mean ACID and/or SNORT don't 
> natively support My-SQL and PGSQL ? Cause if they do then why is it that 
> they require PHP script and MS-SQL doesn't ?
> 
> Am I missing something here ?
> 
> Also that the links you sent me have complete details for configuring MY-SQL 
> and PGSQL but not for MS-SQL...
> 
> Thanks for the help once again.
> 
> My last option would be to try and convert MY-SQL PHP script to MS-SQL PHP 
> script ... and then see if I get any lucky :) (Is it possible)
> 
> Cheers and have a successful day.
> 
> Dhruv
> 
> 
> 
> 
> >From: "Roman Danyliw" <roman at ...438...>
> >To: "Dhruv Chandra" <dhruvc at ...125...>
> >CC: snort-users at lists.sourceforge.net
> >Subject: Re: [Snort-users] Re. MS-SQL, ACID and PHP.
> >Date: Wed, 4 Sep 2002 09:24:00 -0400 (EDT)
> >
> >Snort and ACID both natively support MS SQL Server.  There are no 
> >additional
> >scripts required.  See the appropriate documentation for installation 
> >details.
> >
> >Snort DB plugin:
> >
> >http://www.andrew.cmu.edu/~rdanyliw/snort/snortdb/snortdb.html
> >
> >ACID
> >
> >http://acidlab.sourceforge.net/acid_config.html
> 
> Roman
> 
> 
> 
> _________________________________________________________________
> Send and receive Hotmail on your mobile device: http://mobile.msn.com
> 
> 
> 
> 




More information about the Snort-users mailing list