Snort mailing list archives

RE: Slammer Virus ruined my ACID and SNORT

From: "Semerjian, Ohanes" <Semerjian.Ohanes () wcom com au>
Date: Fri, 28 Mar 2003 07:42:26 +0800

You could use Mysql query to do so but it is not that easy. Once you delete
the alerts you'll still find that ACID showing (although the actual records
are been deleted from Mysql database) the large number of alerts and that is
coz ACID display the alert from its tables and not directly from Mysql
database so you have to delete ACID tables also.
 

Best Regards 

Ohanes Semerjian 
Security Engineer, AsiaPac 
-----Original Message-----
From: Andrade, Leonardo F. Buonsanti de (IT - Brasil)
[mailto:leoandrade () deloitte com br]
Sent: Friday, 28 March 2003 6:04 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Slammer Virus ruined my ACID and SNORT



Hi all,

 

This week one of the computers here got that slammer virus ( the one that
attacks SQL servers )...which made my ACID and SNORT go totally nuts and
generate more 300000 alerts...now when I try to load my ACID site, it takes
minutes!!! and I just can't delete all of the alerts at once...

Anyone has a good idea of how I can delete all these alerts ?

 

Thanks in advance,

 

Leonardo

Current thread:

Slammer Virus ruined my ACID and SNORT Andrade, Leonardo F. Buonsanti de (IT - Brasil) (Mar 27)
- <Possible follow-ups>
- RE: Slammer Virus ruined my ACID and SNORT Maynard, Jeff S. (Mar 27)
  - RE: Slammer Virus ruined my ACID and SNORT Paul Schmehl (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Maynard, Jeff S. (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Semerjian, Ohanes (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Jim Clews (Mar 28)
- RE: Slammer Virus ruined my ACID and SNORT Maynard, Jeff S. (Mar 28)