Snort mailing list archives
Re: arachNIDS, CVE, bugtraq
From: Jens Krabbenhoeft <tschenz-snort-users () noris net>
Date: Fri, 15 Nov 2002 21:18:57 +0100
Jay,
Could anyone refer me to how I could set up snort/acid to have hyper links to [arachNIDS] [CVE] [bugtraq] for the documention of specific alerts in the signature column.
In acid_conf.php there is a sectin that looks similar to that: /* Signature references */ $external_sig_link = array("bugtraq" => array("http://www.securityfocus.com/bid/", ""), "snort" => array("http://www.snort.org/snort-db/sid.html?sid=", ""), "cve" => array("http://cve.mitre.org/cgi-bin/cvename.cgi?name=", ""), "arachnids" => array("http://www.whitehats.com/info/ids", ""), "mcafee" => array("http://vil.nai.com/vil/content/v_", ".htm"), "icat" => array("http://icat.nist.gov/icat.cfm?cvename=", ""), "nessus" => array("http://cgi.nessus.org/plugins/dump.php3?id=",""), "url" => array("http://","")); Which means, that alle references from bugtraq will have "http://www.securityfocum.com/bin/" in front of the reference given in the rule-file/sid-map. Looking at mcafee, you can see that the second part of the array contains the string that gets appended after the rules' reference. HTH, Jens ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- arachNIDS, CVE, bugtraq Jay Archibald (Nov 15)
- Re: arachNIDS, CVE, bugtraq Jens Krabbenhoeft (Nov 15)
- <Possible follow-ups>
- RE: arachNIDS, CVE, bugtraq L. Christopher Luther (Nov 15)
- Re: RE: arachNIDS, CVE, bugtraq Brian (Nov 16)
- RE: RE: arachNIDS, CVE, bugtraq L. Christopher Luther (Nov 18)
- Re: RE: arachNIDS, CVE, bugtraq Andrew R. Baker (Nov 19)
- RE: RE: arachNIDS, CVE, bugtraq L. Christopher Luther (Nov 20)