[Snort-users] [Snort-devel] Barnyard2 - v2-1.10 is released

beenph beenph at ...11827...
Wed Sep 26 11:00:31 EDT 2012

On Wed, Sep 26, 2012 at 10:29 AM, Michael Steele <michaels at ...9077...> wrote:
> BASE is not currently being developed, but has worked for a very long time
> with no modifications (or very little). I'm not sure what it will take to
> make BASE compliant with the new proposed database schemas that the
> Barnyard2 team has announced, but any changes to the database schemas will
> make BASE obsolete.
BASE in its current form will be obselete with the new schema. If
people with web app experience
will want to port it, once the information is out they will be happily
able make modification so it works
using the new schema.

> Right now BASE accepts  data from several databases. However, when
> Sourcefire abandoned the output database hook in Snort, Snort users were
> totally reliant on Banyard2 for database support, which went from several
> database options, to 2 database options.

There is things that are not to be mixed. And i do not want to get
into the details/obstacles on why right now 2-1.10
only cleanly support PostgreSQL and MySQL and why it might be mild
problem for windows users of winsnort, but
its not that hard to add other plateform within the current code and
the future code will  have the same two
basic database support and future dbms will be added as the new version mature.

> There was 20 months between stable releases of Barnyard2, so I'm pretty sure
> it's going to be awhile before it's implemented. I think releasing this
> information at this time is causing a lot of confusion.

The 20 month period was not a period continuous developpment, now that
its is out there, beside
bugfix it will be the last branch in the 2-1.xx family for barnyard2.
The information about the schema
 has been out there  for a while Michael, but there is no need to
throw out all the bells and whistles at this moment.
You will still be able to use the 2-1.xx family after the release of
the 2.-2.xx branch and the new schema.

> Hopefully the Barnyard2 team will show a little compassion for the users of
> BASE and update BASE to be compliant with their new database schema. BASE is
> the only console out there (that I know of) that is cross platform
> compatible.

I might be wrong but i was under the impression that sguil and Snorby
would work on windows.
But we will support any Interface needs regarding the new proposed
schema which has not been out yet and that
will be open to modification/suggestion/comments by interested parties
to make it last as long as the existing schema has been.

Mabey when the information will be out some people will be willing to
re-write base to support the schema.

In the meantime, concerns and comment about barnyard2 are allways
welcome on snort mailinglists and the barnyard2 mailing lists.


More information about the Snort-users mailing list