[Snort-users] Base Barnyard and Unified Logs
pauls at ...6838...
Mon Mar 14 14:54:14 EST 2005
--On Monday, March 14, 2005 05:49:56 PM -0500 Wes Young
<wcyoung at ...12754...> wrote:
> I'm thinkin the reason why aanval seems to work is because it doesn't
> even look at the SIG_ID, which BASE might.... I just can't find the code
> to prove anything....(in BASE).
look in basedir/includes/base_action.php and base_signature.php.
Paul Schmehl (pauls at ...6838...)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
More information about the Snort-users