Snort mailing list archives
ACID- Adding in link to incidents.org dshield
From: "Michael Scheidell" <scheidell () fdma com>
Date: Thu, 8 Nov 2001 15:36:55 -0500
Some times I want to know if the ip address atttacking me is part of a skiddy worm/trojan port scan or if they are hitting me directly. This patch to acid_conf and acid_stat_ipaddr.php adds the ability to click on the link and find out if you are alone: (this is against acid b18 as of yesterdays cvs) add this SOMEWHERE in acid_conf: /* Link to external DNIDS database */ $external_dnids_link = "http://www.dshield.org/ipinfo.php?ip=; ----- patch acid_stat_ipaddr.php --- ./acid_stat_ipaddr.php.orig Tue Sep 25 11:32:03 2001 +++ ./acid_stat_ipaddr.php Thu Nov 8 14:58:42 2001 @@ -231,6 +231,7 @@ echo '<FONT>External: '. '<A HREF="'.$external_dns_link.$ip.'">DNS</A> | '. '<A HREF="'.$external_whois_link.$ip.'">whois</A> | '. + '<A HREF="'.$external_dnids_link.$ip.'">Dnids</A> | '. '<A HREF="'.$external_all_link.$ip.'">SamSpade</A><BR>'; ?> <P> --- Michael Scheidell Florida Datamation, Inc. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID- Adding in link to incidents.org dshield Michael Scheidell (Nov 08)