[Snort-users] BASE Payload Search

Humes, David G. David.Humes at ...383...
Thu Jul 5 08:38:18 EDT 2007


Hey Everyone, 
We use BASE for watching our Snort alerts, and would really like to be
able to do a payload search.   But it does not appear to work. I saw
some early posts about this on the BASE list saying that it never worked
in ACID.  Does anyone have this working?  I'm running BASE 1.3.6.  I've
already posted this on the BASE list and haven't received any replies.
I though it might get a little more visibility over here.  My process
flow for searching is:
Search 
Select Signature and Alert Time 
Payload Criteria 
{encoding} {Convert To} 
has [string to search for] 
Query DB 
Thanks. 

--Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20070705/f5365fd4/attachment.html>


More information about the Snort-users mailing list