Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ACID and snort 1.8?

From: roman () danyliw com
Date: Thu, 14 Jun 2001 00:39:47 US/Eastern
Is anybody running snort 1.8 with ACID?  It doesn't look like there is
any specific support in ACID for snort 1.8 classtypes.  Does anybody know
if there will be?


Even the CVS version of ACID does not currently support 
snort 1.8 classifications or priorities.  However, this functionality
is very high on the TODO list.
 

Also does anybody know if ACID will ever support the snort preprocessors
like portscan?  


I'm not sure what you mean by this.  If the database plugin
is configured to log the "alert" facility, then the portscans
alert messages will appear just like any other alerts.  However,
the observation that pre-processor logging is clumsy is correct.
Future versions of Snort will have improved pre-processor
logging, but this will not occur in the 1.8 release.

Roman


---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: