Snort mailing list archives

BASE Payload Search


From: "Humes, David G." <David.Humes () jhuapl edu>
Date: Thu, 5 Jul 2007 08:38:18 -0400

Hey Everyone, 
We use BASE for watching our Snort alerts, and would really like to be
able to do a payload search. But it does not appear to work. I saw
some early posts about this on the BASE list saying that it never worked
in ACID.  Does anyone have this working?  I'm running BASE 1.3.6.  I've
already posted this on the BASE list and haven't received any replies.
I thought it might get a little more visibility over here.  My process
flow for searching is:
Search 
Select Signature and Alert Time 
Payload Criteria 
{encoding} {Convert To} 
has [string to search for] 
Query DB 
Thanks. 

--Dave