[Snort-users] Barnyard2 problems with reputation preproc rules

Dave Corsello snort-users at ...15598...
Fri Feb 7 23:07:51 EST 2014


elz,

I ran your script against the database.  Here are the results:

Query OK, 933 rows affected (6.88 sec)

mysql> call fixsigs(101, at a);
Query OK, 933 rows affected (2.41 sec)

mysql> call fixsigs(102, at a);
Query OK, 933 rows affected (17.02 sec)

mysql> call fixsigs(103, at a);
Query OK, 933 rows affected (6.91 sec)

mysql> call fixsigs(104, at a);
Query OK, 933 rows affected (6.09 sec)

mysql> call fixsigs(105, at a);
Query OK, 933 rows affected (8.91 sec)

mysql> call fixsigs(106, at a);
Query OK, 933 rows affected (12.23 sec)

mysql> call fixsigs(110, at a);
Query OK, 933 rows affected (12.71 sec)

mysql> call fixsigs(111, at a);
Query OK, 933 rows affected (58.40 sec)

mysql> call fixsigs(112, at a);
Query OK, 933 rows affected (13.30 sec)

mysql> call fixsigs(113, at a);
Query OK, 933 rows affected (27.55 sec)

mysql> call fixsigs(114, at a);
Query OK, 933 rows affected (8.60 sec)

mysql> call fixsigs(115, at a);
Query OK, 933 rows affected (14.34 sec)

mysql> call fixsigs(116, at a);
Query OK, 1 row affected (9 min 47.49 sec)

mysql> call fixsigs(117, at a);
Query OK, 1 row affected (1.27 sec)

mysql> call fixsigs(118, at a);
Query OK, 1 row affected (1.23 sec)

mysql> call fixsigs(119, at a);
Query OK, 1 row affected (1 min 15.60 sec)

mysql> call fixsigs(120, at a);
Query OK, 933 rows affected (16.84 sec)

mysql> call fixsigs(121, at a);
Query OK, 933 rows affected (9.60 sec)

mysql> call fixsigs(122, at a);
Query OK, 933 rows affected (47.91 sec)

mysql> call fixsigs(123, at a);
Query OK, 933 rows affected (22.52 sec)

mysql> call fixsigs(124, at a);
Query OK, 933 rows affected (21.65 sec)

mysql> call fixsigs(125, at a);
Query OK, 933 rows affected (13.86 sec)

mysql> call fixsigs(126, at a);
Query OK, 933 rows affected (5.78 sec)

mysql> call fixsigs(128, at a);
Query OK, 933 rows affected (8.74 sec)

mysql> call fixsigs(129, at a);
Query OK, 0 rows affected (25.71 sec)

mysql> call fixsigs(130, at a);
Query OK, 933 rows affected (2.88 sec)

mysql> call fixsigs(131, at a);
Query OK, 933 rows affected (5.65 sec)

mysql> call fixsigs(133, at a);
Query OK, 933 rows affected (1 min 0.10 sec)

mysql> call fixsigs(134, at a);
Query OK, 0 rows affected (2.00 sec)

mysql> call fixsigs(135, at a);
Query OK, 933 rows affected (2.82 sec)

mysql> call fixsigs(136, at a);
Query OK, 933 rows affected (2.79 sec)

mysql> call fixsigs(137, at a);
Query OK, 933 rows affected (2.65 sec)

mysql> call fixsigs(138, at a);
Query OK, 933 rows affected (3.20 sec)

mysql> call fixsigs(139, at a);
Query OK, 933 rows affected (0.72 sec)

mysql> call fixsigs(140, at a);
Query OK, 933 rows affected (17.86 sec)

mysql> call fixsigs(141, at a);
Query OK, 933 rows affected (3.29 sec)

mysql> call fixsigs(142, at a);
Query OK, 933 rows affected (4.08 sec)

mysql> call fixsigs(143, at a);
Query OK, 933 rows affected (2.48 sec)

mysql> call fixsigs(144, at a);
Query OK, 933 rows affected (1.11 sec)

mysql> call fixsigs(145, at a);
Query OK, 933 rows affected (2.05 sec)

mysql> call fixsigs(2, at a);
Query OK, 933 rows affected (0.35 sec)

mysql> call fixsigs(3, at a);
Query OK, 0 rows affected (0.00 sec)




More information about the Snort-users mailing list