Snort mailing list archives
Final Year Project Custom MySQL Database Server Rules and Classifications Review
From: Jack Eastwood via Snort-devel <snort-devel () lists snort org>
Date: Sun, 8 Apr 2018 17:50:08 +0000
Good Afternoon,

I’m a final year Computer Forensics and Security student representing Leeds Beckett University in the UK and finalizing my final year project based on using Snort as an IDS to monitor an active MySQL server. For the basis of my project I have installed and configured Snort as an IDS to monitor an array of activity against a MySQL community server with a vulnerable application called “damn vulnerable web application” (DVWA) that is connected to the MySQL database.

I have uploaded three files in this email: a general MySQL rules file, a MySQL exploit rules file - where I have written custom-made Snort rules to detect an array of activity - and a classification configuration file in which I have also written custom-made classifications in the context of my project. For each rule I have inserted comments explaining the function of each rule and the requirements on how each rule gets triggered.

I would be thankful if anyone could review these files and provide any form of feedback that could enhance these rules for future research or even potentially be published as official Snort rules. If you would like any more information regarding my project, Snort or MySQL configuration settings or anything else that could benefit the reviewing process then don’t hesitate to contact me.

Thank you and regards,
Jack Eastwood
Attachments:
- general-mysql.rules
- mysql-exploit.rules
- classification.config