[Snort-users] Database tools?

Marc Quibell mquibell at ...7759...
Tue Aug 26 23:57:11 EDT 2003


Curious, what do y'all use for managing the MySQL database, besides the HTTP
frontends (ACID, DEMARC)? Today I had a few machines that got infected (still)
by MSBLASTER.D, and of course it overloaded my db, cranking 600K alerts
in 45 mins. And if you use ACID, you know how hard it is and how long it takes to
delete that many alerts.

Also, I wonder if there is a way to simply have a threshold for alerts, e.g. if I
want to be alerted only on the first 10 of the same 100000 alerts. Thanks.

Marc





