[Snort-users] Dshield perl script.
Andrew.Hutchinson at ...3639...
Wed Sep 18 07:38:05 EDT 2002
Try this. There was no call to his 'getip' subroutine, which uses the
inet_ntoa function of the Socket module. I added lines 46 and 47, which
should convert the addresses.
From: Jaco Lange [mailto:jaco at ...6805...]
Sent: Wednesday, September 18, 2002 8:49 AM
To: snort-users at lists.sourceforge.net; mark.rowlands at ...752...
Subject: [Snort-users] Dshield perl script.
** High Priority **
** Reply Requested When Convenient **
I tried the perl scrip you written for Snort ACID and MYSQL
I found it very usesfull, everything works just the IP address is
returned in a
funny way, it looks like it in not converted to a ip address format
xxx.xxx.xx.xx insted I get a Number
Subject FORMAT DSHIELD USERID 12345678 TZ +02:00
+01:00 USERID 1 3232236545 8080 3232236309 1190
how do I get this IP ?
Any help appreciated.
P O BOX 12937
Tel: +27-(0)12-807 1864
Fax: +27-(0)12-807 1829
"This e-mail may contain confidential information and may be legally
privileged and is intended only for the person to whom it is addressed.
If you are not the intended recipient, you are notified that you may not
use, distribute or copy this document in any manner whatsoever. Kindly
also notify the sender immediately by telephone, and delete the e-mail.
When addressed to clients of the company from where this e-mail
originates ("the sending company ") any opinion or advice contained in
this e-mail is subject to the terms and conditions expressed in any
applicable terms of business or client engagement letter . The sending
company does not accept liability for any damage, loss or expense
arising from this e-mail and/or from the accessing of any files attached
to this e-mail."
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2852 bytes
More information about the Snort-users