[Snort-users] snort and mysql5 losing db connection

Richard Bejtlich taosecurity at ...11827...
Thu Jun 14 13:17:11 EDT 2007


On 6/14/07, Jason Brvenik <jasonb at ...1935...> wrote:
> Interesting that this topic comes up.
>
> I wrote a perl module for handling unified files for just these reasons
> (and many more) it currently lives at:
>
> http://cerberus.sourcefire.com/~jbrvenik/unified_perl
>
> It fully handles unified files and is portable across platforms and
> handles big/little endian issues and 64bit unified files too.
>
> It would not take much work to make the db code a direct replacement for
> barnyard.
>
> http://cerberus.sourcefire.com/~jbrvenik/unified_perl/ufdbtest.pl
>
> So... some questions for the community.
>
> - What is the interest in having a direct barnyard replacement?
> - Anyone interested in taking a stab at it?
> - What other capabilities are desired (I know you want ppp support, Richard)
> - Anyone want to take up documenting it?
>

Hi Jason,

A Barnyard replacement that works with Sguil would r0x0r.

Were you serious about PPP?  :)

Richard




More information about the Snort-users mailing list