[Snort-users] Where's Waldo?

AllowOverride allowoverride at ...11827...
Wed Oct 10 11:50:55 EDT 2012


im recommending fuck you


On Wed, 2012-10-10 at 11:42 -0400, Jason wrote:
> I don't think I'm alone when I say you have been the first in a long
> time to end up on my ignore list. You have exhibited all the qualities
> of a troll, well executed even. I'm fairly comfortable in recommending
> to others that they place you into the same category.
> 
> I wish you luck on your journey but have to elect to no take part in
> you getting where ever you think you are going.
> 
> On Wed, Oct 10, 2012 at 11:37 AM, AllowOverride <allowoverride at ...11827...> wrote:
> > who is we've. you represent everyone? who the hell are you...
> > i don't need your kinda of help. go away
> >
> > On Tue, 2012-10-09 at 22:58 -0500, Paul Schmehl wrote:
> >> It's a very strange bug.  It only exists on your system.
> >>
> >> We've been using base for as long as it's existed, and our copy has never
> >> had that bug.
> >>
> >> --On October 9, 2012 8:09:54 PM -0700 AllowOverride
> >> <allowoverride at ...11827...> wrote:
> >>
> >> > omg,,, thanks but i am fully aware of how to trbsht, sorry, im not going
> >> > to respond to all that... i think its a bug, been there done that
> >> >
> >> > On Tue, 2012-10-09 at 20:46 -0500, Paul Schmehl wrote:
> >> >> --On October 9, 2012 12:08:11 PM -0700 AllowOverride
> >> >> <allowoverride at ...11827...> wrote:
> >> >>
> >> >> >> Step 5: Verify that base can login to the db and read the alerts
> >> >> > its working - but when i clear the data tables on base browser gui, no
> >> >> > new data is being recorded.
> >> >>
> >> >> OK.  Base does nothing more than to display what's in the database.  So,
> >> >> if  you empty the tables of data and no new data shows up, base is doing
> >> >> its  job.  The problem lies elsewhere.
> >> >>
> >> >> > i noticed that if i restart the services, or
> >> >> > restart apache2, it will start displaying again... kinda odd, i would
> >> >> > have to restart anything,, wonders if base is really the right solution
> >> >> > at this point, or, maybe there is a switch to flick in it
> >> >>
> >> >> In order to do fruitful troubleshooting, you have to take one step at a
> >> >> time.  Restart one service.  Does base start displaying alerts again?
> >> >> Then  that service is the problem.  If you restart several services and
> >> >> base  starts displaying alerts again, you have no way of knowing which
> >> >> service is  the problem.
> >> >>
> >> >> Your problem sounds like one that used to occur with barnyard2 - lost
> >> >> connections to the database - but it's hard to tell without knowing
> >> >> which  service restarts the alerts.
> >> >>
> >> >> Look at the timestamps and sizes on the snort logs.  Is it continually
> >> >> logging?  When the log files turn over, does the new one grow in size?
> >> >>
> >> >> Paul Schmehl, Senior Infosec Analyst
> >> >> As if it wasn't already obvious, my opinions
> >> >> are my own and not those of my employer.
> >> >> *******************************************
> >> >> "It is as useless to argue with those who have
> >> >> renounced the use of reason as to administer
> >> >> medication to the dead." Thomas Jefferson
> >> >> "There are some ideas so wrong that only a very
> >> >> intelligent person could believe in them." George Orwell
> >> >>
> >> >
> >> >
> >>
> >>
> >>
> >> Paul Schmehl, Senior Infosec Analyst
> >> As if it wasn't already obvious, my opinions
> >> are my own and not those of my employer.
> >> *******************************************
> >> "It is as useless to argue with those who have
> >> renounced the use of reason as to administer
> >> medication to the dead." Thomas Jefferson
> >> "There are some ideas so wrong that only a very
> >> intelligent person could believe in them." George Orwell
> >>
> >
> >
> > ------------------------------------------------------------------------------
> > Don't let slow site performance ruin your business. Deploy New Relic APM
> > Deploy New Relic app performance management and know exactly
> > what is happening inside your Ruby, Python, PHP, Java, and .NET app
> > Try New Relic at no cost today and get our sweet Data Nerd shirt too!
> > http://p.sf.net/sfu/newrelic-dev2dev
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> > Please visit http://blog.snort.org to stay current on all the latest Snort news!





More information about the Snort-users mailing list