[Snort-users] ADODB version and BASE
michaels at ...9077...
Tue Dec 8 10:48:14 EST 2015
Working with 520 with no problems to report, so far…
WINSNORT.com Management Team Member
****************** Established ~ 2001 *******************
* Visit Us @ <http://www.winsnort.com> http://www.winsnort.com *
* ~~ FREE WinIDS Snort installation guides ~~ *
* ~~ FREE support forums ~~ *
* Snort: Open Source Network IDS - <http://www.snort.org> http://www.snort.org *
From: Noah Dietrich [mailto:noah_dietrich at ...17393...]
Sent: Tuesday, December 8, 2015 6:46 AM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] ADODB version and BASE
When I wrote that guide, ADODB 5.19 had just been released, and I was not able to get it working with BASE. I can't remember what the issue was, and my integration notes don't say, but I do remember that I could not get it working at all. 5.18 worked great, but as soon as you replaced it with 5.19, BASE would not work at all.
This is why my guide recommended sticking with ADODB 5.18. If a newer version of ADODB works for you, then that shouldn't be an issue, I just had issues getting it working.
I'll be releasing a new guide soon for Snort (both on my blog and submitting a copy to the Snort team for inclusion in the documents section of the Snort.org website) which replaces BASE with Snorby (working on Ubuntu 12, 14, and 15). Base hasn't been updated since 2013, and while the latest Release of Snorby (version 2.6.2) is also from 2013, there seems to be some activity for Snorby that it will continue to be updated.
There doesn't seem to be a good stand-alone GUI for Snort (one that has an active development community and a reliable tool), which is a bit frustrating. I'm looking at moving unified2 data into Splunk, but i prefer to keep my guide referencing open-source software.
On Mon, Dec 7, 2015 at 5:21 PM, Michael Steele <michaels at ...9077... <mailto:michaels at ...9077...> > wrote:
I really haven’t seen anything either that points to a problem with 519 in my testing with BASE, but I could be missing something?
It appears that BASE is not compatible with PHP7, at least with my current testing, as BASE produced several errors when starting up. I don’t suspect PHP5 will be at EOL for a very long time.
Maybe Noah Dietrich could give us a clue as to what he found regarding ADOdb?
From: Dr. Stephen Gantz [mailto:stephen.gantz at ...16854... <mailto:stephen.gantz at ...16854...> ]
Sent: Monday, December 7, 2015 10:36 AM
To: Michael Steele <michaels at ...9077... <mailto:michaels at ...9077...> >; snort-users at lists.sourceforge.net <mailto:snort-users at lists.sourceforge.net>
Subject: RE: [Snort-users] ADODB version and BASE
I've been using ADOdb 5.19 with BASE 1.4.5 for at least a year and have never had any issues. My use of BASE is pretty basic, but I do use the graphing extensions. I haven't tried the new 5.20 version. I have also held off on moving to PHP 7 because I haven't seen anything to suggest that ADOdb works with anything other than 5.x.
Dr. Stephen D. Gantz
CISSP-ISSAP, CEH, CGEIT, CRISC, CIPP/G, C|CISO
Professor of Information Assurance
The Graduate School
University of Maryland University College
<mailto:stephen.gantz at ...16854...> stephen.gantz at ...16854...
-------- Original message --------
From: Michael Steele <michaels at ...9077... <mailto:michaels at ...9077...> >
Date: 12/7/2015 9:07 AM (GMT-05:00)
To: snort-users at lists.sourceforge.net <mailto:snort-users at ...5870....net>
Subject: [Snort-users] ADODB version and BASE
I see there is a new update to ADODB (520). I’m pushing out 518a to clients, and was wondering if anyone has any information about ADODB 519, 0r 520 be compatible with BASE.
I’ve seen a note from Noah Dietrich in his guided install stating “Download and install ADODB 5.18 (not ADODB 5.19, it is not compatible with the current version of
BASE)”, and was dated January 2015, so it was a recent statement. There was no reason given.
Does anyone have a clue as to why, or what we could be seeing as a clue that ADODB above 518 is not compatible.
Is anyone using ADODB 519, 0r 520 with any luck in unison with the BASE console software?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users