Snort mailing list archives
Re: [Snort-devel] Barnyard2 - v2-1.10 is released
From: beenph <beenph () gmail com>
Date: Wed, 26 Sep 2012 11:00:31 -0400
On Wed, Sep 26, 2012 at 10:29 AM, Michael Steele <michaels () winsnort com> wrote:
BASE is not currently being developed, but has worked for a very long time with no modifications (or very little). I'm not sure what it will take to make BASE compliant with the new proposed database schemas that the Barnyard2 team has announced, but any changes to the database schemas will make BASE obsolete.
BASE in its current form will be obselete with the new schema. If people with web app experience will want to port it, once the information is out they will be happily able make modification so it works using the new schema.
Right now BASE accepts data from several databases. However, when Sourcefire abandoned the output database hook in Snort, Snort users were totally reliant on Banyard2 for database support, which went from several database options, to 2 database options.
There is things that are not to be mixed. And i do not want to get into the details/obstacles on why right now 2-1.10 only cleanly support PostgreSQL and MySQL and why it might be mild problem for windows users of winsnort, but its not that hard to add other plateform within the current code and the future code will have the same two basic database support and future dbms will be added as the new version mature.
There was 20 months between stable releases of Barnyard2, so I'm pretty sure it's going to be awhile before it's implemented. I think releasing this information at this time is causing a lot of confusion.
The 20 month period was not a period continuous developpment, now that its is out there, beside bugfix it will be the last branch in the 2-1.xx family for barnyard2. The information about the schema has been out there for a while Michael, but there is no need to throw out all the bells and whistles at this moment. You will still be able to use the 2-1.xx family after the release of the 2.-2.xx branch and the new schema.
Hopefully the Barnyard2 team will show a little compassion for the users of BASE and update BASE to be compliant with their new database schema. BASE is the only console out there (that I know of) that is cross platform compatible.
I might be wrong but i was under the impression that sguil and Snorby would work on windows. But we will support any Interface needs regarding the new proposed schema which has not been out yet and that will be open to modification/suggestion/comments by interested parties to make it last as long as the existing schema has been. Mabey when the information will be out some people will be willing to re-write base to support the schema. In the meantime, concerns and comment about barnyard2 are allways welcome on snort mailinglists and the barnyard2 mailing lists. -elz ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard2 - v2-1.10 is released firnsy (Sep 25)
- Re: Barnyard2 - v2-1.10 is released Jefferson, Shawn (Sep 25)
- Re: Barnyard2 - v2-1.10 is released beenph (Sep 25)
- Re: [Snort-devel] Barnyard2 - v2-1.10 is released Michael Steele (Sep 26)
- Re: [Snort-devel] Barnyard2 - v2-1.10 is released beenph (Sep 26)
- Re: [Snort-devel] Barnyard2 - v2-1.10 is released Michael Steele (Sep 26)
- Re: [Snort-devel] Barnyard2 - v2-1.10 is released beenph (Sep 26)
- Re: Barnyard2 - v2-1.10 is released Jefferson, Shawn (Sep 25)
- Re: Barnyard2 - v2-1.10 is released Joel Esler (Sep 26)
- Re: Barnyard2 - v2-1.10 is released AllowOverride (Sep 27)
- Re: Barnyard2 - v2-1.10 is released beenph (Sep 27)
- Re: Barnyard2 - v2-1.10 is released AllowOverride (Sep 27)
- Re: Barnyard2 - v2-1.10 is released Joel Esler (Sep 27)
- Re: Barnyard2 - v2-1.10 is released beenph (Sep 27)
- Re: Barnyard2 - v2-1.10 is released AllowOverride (Sep 27)