Snort mailing list archives

Re: There appears to be a bug in Base-1.4.5


From: Jeremy Hoel <jthoel () gmail com>
Date: Tue, 9 Oct 2012 19:37:40 -0600

Security onion isn't a program as much as it is a distribution of
linux/snort/snorby/sguil/bro/elsa/<a few other things>.  It has all
the consoles in it and you can try and use what you want.  It's a
liveCD (or installable) instant IDS.  It is not a single console.

People use snorby, base, sguil, bro, splunk, syslog servers, all sorts
of things.. they use what they find that works.  Each person has a
different flow of how they handle events and what they want to see
with an event.. so there are many tools to suit many needs.

On Tue, Oct 9, 2012 at 7:09 PM, AllowOverride <allowoverride () gmail com> wrote:
what is the new way of browsing to pretty formatted data now?
securityonion? you are simply grepping/viewing flat files or u2spewfoo
or what, how are you alerting others? mail -s to? what? thanks!

On Tue, 2012-10-09 at 17:59 -0400, Joel Esler wrote:
On Oct 9, 2012, at 4:22 PM, "Castle, Shane"
<scastle () bouldercounty org> wrote:

(Removed snort-team from CC list - they have zero interest in BASE
and this is just noise to them.)

It's not that we have zero interest.  We have nothing to add.  You're
right.  BASE is pretty much dead.  When I left the project in 05, it
continued on for a year or so with minor updates, and the last I heard
it was going to get a complete recode with a new DB schema, and GUI
clients (that was the direction that I wanted it to go when I was the
project manager at least, and I think that train of thought was
continuing).


I don't use any GUI right now (alert files and pcaps when analyzing my
own network).


--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

