[Snort-users] barnyard2 1.9 no ip

Oleg V Popov admin at ...15619...
Mon May 14 03:52:16 EDT 2012


No, I wrote to the developer and to other places, but got no response.

Yossi wrote 13.5.2012 18:04:
> Hi Oleg,
>
> Did you resolve it? I've got the same problem. I also try to use Snort
> 2.9.9.2 with barnyard2 1.9 and MySQL DB.
>
>
>
> On 05/04/2012 05:22 PM, Oleg V Popov wrote:
>> Good day. Recently, I started using
>> Barnyard2 do output for portscan without IP address.
>>
>> #----------------------------------------------------
>>
>> Example:
>>
>> Snort syslog:
>>
>> May  4 11:55:42 gw snort[16283]: [122:1:1] PSNG_TCP_PORTSCAN [Classification: Attempted Information Leak] [Priority: 2] {PROTO:255} 192.168.x.x ->  192.168.x.x
>>
>>
>> Barnyard2 syslog:
>>
>>
>> May  4 11:55:43 gw snort[7095]: portscan: TCP Portscan
>>
>> #----------------------------------------------------
>>
>> Additional info:
>>
>> Snort conf:
>>
>> output unified2: filename snort.log, limit 128
>> preprocessor sfportscan: proto  { all } memcap { 10000000 } sense_level { low }
>>
>> #----------------------------------------------------
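
Added example, not part of the original thread and not Snort or Barnyard2 code: a small checker that parses syslog alert lines in the format of the Snort sample quoted above and reports entries, like the Barnyard2 line, that carry no source/destination pair. The function names and regular expressions are assumptions derived only from the two sample lines in this message.

```python
import re

# Syslog prefix as in both samples: "May  4 11:55:42 gw snort[16283]: <body>"
PREFIX = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s(?P<prog>\w+)\[(?P<pid>\d+)\]:\s(?P<body>.*)$"
)
# Full alert body: "[gid:sid:rev] msg [Classification: c] [Priority: n] {PROTO} src -> dst"
ALERT = re.compile(
    r"^\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s(?P<msg>.*?)\s"
    r"(?:\[Classification:\s(?P<cls>[^\]]*)\]\s)?"
    r"(?:\[Priority:\s(?P<prio>\d+)\]\s)?"
    r"\{(?P<proto>[^}]*)\}\s(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)

def parse_line(line):
    """Return a dict for one syslog line, or None if it is not a syslog line.
    'src' and 'dst' are None when the body has no address pair."""
    m = PREFIX.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    a = ALERT.match(rec["body"])
    if a:
        rec.update(a.groupdict())
    else:
        rec.update(src=None, dst=None, msg=rec["body"])
    return rec

def missing_addresses(lines):
    """Yield parsed records whose alert text lacks a src -> dst pair."""
    for line in lines:
        rec = parse_line(line)
        if rec and rec["src"] is None:
            yield rec

# The two sample lines from the message above, each rejoined onto one line.
SAMPLE = [
    "May  4 11:55:42 gw snort[16283]: [122:1:1] PSNG_TCP_PORTSCAN "
    "[Classification: Attempted Information Leak] [Priority: 2] "
    "{PROTO:255} 192.168.x.x ->  192.168.x.x",
    "May  4 11:55:43 gw snort[7095]: portscan: TCP Portscan",
]

if __name__ == "__main__":
    for rec in missing_addresses(SAMPLE):
        print(f"{rec['ts']} pid={rec['pid']} no address pair: {rec['msg']}")
```

Run against a syslog file, this gives a quick count of how many alerts reach the log without addresses, which helps when comparing output plugins or versions.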




