Snort mailing list archives

ACID 0.9.6b14 questions

From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Mon, 17 Sep 2001 10:33:41 +0200

I'm having some probs regarding acid 0.9.6b14 in conjunction with snort
1.8.1 on a RedHat 7.0 box with mysql 3.23.32:

1. Using any of the new Snapshot entries 

        Last Source Ports: any , TCP , UDP 
        Last Destination Ports: any , TCP , UDP 

results in

        Database ERROR:You have an error in your SQL syntax near '' at line
1

All other functions I tested work (nearly) as expected (see 2.)

2. The search form and querying only for an ip address does not work for
portscan alerts. If the given ip address is only logged for portscan alerts
it can't be queried, if there are other alarms for the ip address they will
be shown.

Any hints?

TIA
Sandro

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

ACID 0.9.6b14 questions Poppi, Sandro (Sep 17)
- <Possible follow-ups>
- Re: ACID 0.9.6b14 questions roman (Sep 17)