Snort mailing list archives
RE: arachNIDS, CVE, bugtraq
From: "L. Christopher Luther" <CLuther () Xybernaut com>
Date: Fri, 15 Nov 2002 15:39:57 -0500
I use the "-G url" command line parameter to cause Snort to reference the ids back to the alert message. I get output something like this: 11/15/02-09:13:47.755531 [**] [1:1243:6] WEB-IIS ISAPI .ida attempt - http://www.whitehats.com/info/IDS552 - http://www.securityfocus.com/bid/1065 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071 [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 200.196.105.83:4571 -> xxx.xxx.xxx.xxx:80 However, I don't know if this will work with ACID. - Christopher -----Original Message----- From: "Jay Archibald" <vectra_fr () hotmail com> To: <snort-users () lists sourceforge net> Date: Fri, 15 Nov 2002 12:14:01 -0700 Subject: [Snort-users] arachNIDS, CVE, bugtraq Could anyone refer me to how I could set up snort/acid to have hyper links to [arachNIDS] [CVE] [bugtraq] for the documention of specific alerts in the signature column. Merci Vectra "Cherchant les plus propres des chaussettes sales!"
Current thread:
- arachNIDS, CVE, bugtraq Jay Archibald (Nov 15)
- Re: arachNIDS, CVE, bugtraq Jens Krabbenhoeft (Nov 15)
- <Possible follow-ups>
- RE: arachNIDS, CVE, bugtraq L. Christopher Luther (Nov 15)
- Re: RE: arachNIDS, CVE, bugtraq Brian (Nov 16)
- RE: RE: arachNIDS, CVE, bugtraq L. Christopher Luther (Nov 18)
- Re: RE: arachNIDS, CVE, bugtraq Andrew R. Baker (Nov 19)
- RE: RE: arachNIDS, CVE, bugtraq L. Christopher Luther (Nov 20)