Snort mailing list archives
RE: Acid and Mysql with Snort
From: ricsi () gmx at (Richard Menedetter)
Date: Fri, 12 Jul 2002 16:48:43 +0200 (CEST)
X-To: "Hutchinson, Andrew" <Andrew.Hutchinson () Vanderbilt edu> Hi Some ACID feature wishes. (I hope it is still developed further) * it would be great if ACID would better support the archive table. Eg you could switch between the normal and the archive table, without installinf acid twice. (and one could do an additional button on the source address page, where acid would search for the actual IP in the archive.) * I would like to have a switch in the cfg file, where, when switched on, ACID would show not only the IP but also the domainname of the source address in the overview table. * it would be great if there were an action where snort would mail the details of the selected alerts to www.dshield.org. * it would be great if the graphics capabilities would be spiced up a bit Spade question: everytime I do a FTP transfer spade shows me a higy anomaly value from ftp:20 to me:xxx. Can't spade ignore such FTP connections ?? Mysql index question: HA> 2. Creating indexes HA> Some of the required indexes are not created in initial MySQL creation HA> script. The following indexes can be added to significantly improve HA> performance: HA> tcphdr.tcp_sport HA> tcphdr.tcp_dport HA> acid_ag_alert.ag_sid + acid_ag_alert.ag_cid How do you do it ?? are the index-names irrelevant ?? is it done like this: create index acid_ag_alert_i on acid_ag_alert (ag_sid, ag_cid); CU, Ricsi -- |~)o _ _o Richard Menedetter <ricsi () gmx at> {ICQ: 7659421} (PGP) |~\|(__\| -=> Virus Warning: (S)top (C)ontinue (B)urn infected disk <=- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Gadgets, caffeine, t-shirts, fun stuff. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Acid and Mysql with Snort Hall, Duane (Jul 11)
- Re: Acid and Mysql with Snort twig les (Jul 11)
- <Possible follow-ups>
- RE: Acid and Mysql with Snort Hutchinson, Andrew (Jul 12)
- RE: Acid and Mysql with Snort Richard Menedetter (Jul 12)
- RE: Acid and Mysql with Snort James Hoagland (Jul 13)
- RE: Acid and Mysql with Snort Richard Menedetter (Jul 12)
- RE: Acid and Mysql with Snort Pacheco, Michael F. (Jul 16)
- RE: Acid and Mysql with Snort Hutchinson, Andrew (Jul 17)