Snort mailing list archives
Some PHP guru on Snort?
From: "Ivan Hernandez Puga" <ivan.hernandez () globalsis com ar>
Date: Tue, 4 Dec 2001 16:51:13 -0300
I know it's a VERY BIG off topic but well, here goes. I'm making a little PHP script to count unique attacks from the alerts.ids file generated by my snort installation. I have done similar hashing voodoo with perl, but PHP seems to be a little more reticent. Thanks Ivan Hernandez Now, this is the script: #*********************************************** <? include("config.php"); $fp = fopen("$logs_path/alert.ids", "r"); while (!feof($fp)) { $sign = fgets($fp,100); if (substr($sign,0,4)== "[**]") { $count{$sign}++; } } fclose($fp); ?> #*********************************************** And the output says: Warning: Undefined variable: count in c:\program files\apache group\apache\htdocs\snortscan\x.php on line 8 Warning: Undefined index: [**] [1:1002:2] WEB-IIS cmd.exe access [**] in c:\program files\apache group\apache\htdocs\snortscan\x.php on line 8 Warning: Undefined index: [**] [1:466:1] ICMP L3retriever Ping [**] in c:\program files\apache group\apache\htdocs\snortscan\x.php on line 8 Warning: Undefined index: [**] [1:620:1] SCAN Proxy attempt [**] in c:\program files\apache group\apache\htdocs\snortscan\x.php on line 8 Warning: Undefined index: [**] [1:1256:2] WEB-IIS CodeRed v2 root.exe access [**] in c:\program files\apache group\apache\htdocs\snortscan\x.php on line 8 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Some PHP guru on Snort? Ivan Hernandez Puga (Dec 04)
- Re: Some PHP guru on Snort? Chris Adams (Dec 06)
- <Possible follow-ups>
- RE: Some PHP guru on Snort? Steve Halligan (Dec 04)