[Snort-users] Base Barnyard and Unified Logs

Paul Schmehl pauls at ...6838...
Mon Mar 14 14:54:14 EST 2005


--On Monday, March 14, 2005 05:49:56 PM -0500 Wes Young 
<wcyoung at ...12754...> wrote:
>
> I'm thinkin the reason why aanval seems to work is because it doesn't
> even look at the SIG_ID, which BASE might.... I just can't find the code
> to prove anything....(in BASE).
>
look in basedir/includes/base_action.php and base_signature.php.

Paul Schmehl (pauls at ...6838...)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu




More information about the Snort-users mailing list