Snort mailing list archives
Re: There appears to be a bug in Base-1.4.5
From: "Jefferson, Shawn" <Shawn.Jefferson () bcferries com>
Date: Tue, 9 Oct 2012 17:16:01 -0600
"I'd like all alerts to be "rolled up" into one line like BASE does" Sorry I meant, all unique alerts (ie. GID/SID pair). -----Original Message----- From: Jefferson, Shawn [mailto:Shawn.Jefferson () bcferries com] Sent: Tuesday, October 09, 2012 4:11 PM To: Dustin Webber Cc: Snort-Users Users Subject: Re: [Snort-users] There appears to be a bug in Base-1.4.5 Hi Dustin, I'd like all alerts to be "rolled up" into one line like BASE does. I'd like to be able to have the "unique IP links" per SID view like BASE has. I didn't see that last time I looked at snorby, maybe that is there and I missed it? As far as StreamDB/OpenFPC, can you have both of them at the same time? The lookup API sounds interesting... I'll have to look into that again. HIPS is SEP, it's a MSSQL database... (there is a possibility to use Symantec System Center and hook into that.) No, I'd rather use your product-but it didn't fit my requirements at the time, if it does now, that's great! As far as vulns in BASE, I'm sure there is, but I have it very locked down... I don't let just any computer connect to it-which in my case is an adequate compensating control (among others.) to stay current on all the latest Snort news! ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: There appears to be a bug in Base-1.4.5, (continued)
- Re: There appears to be a bug in Base-1.4.5 Jeremy Hoel (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 AllowOverride (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Castle, Shane (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Joel Esler (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 AllowOverride (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jeremy Hoel (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Joel Esler (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Dustin Webber (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jefferson, Shawn (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Dustin Webber (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jefferson, Shawn (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jefferson, Shawn (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jeremy Hoel (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Dustin Webber (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jefferson, Shawn (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 AllowOverride (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Jeremy Hoel (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 Dustin Webber (Oct 09)
- Re: There appears to be a bug in Base-1.4.5 AllowOverride (Oct 10)
- Re: There appears to be a bug in Base-1.4.5 AllowOverride (Oct 10)
- Re: There appears to be a bug in Base-1.4.5 AllowOverride (Oct 09)