Re: Links broken

["Jefferson, Shawn" <Shawn.Jefferson () bcferries com>]

Oops, broke EmergingThreats links... need to make a change to line 142 too.  ;)

________________________________
From: Jefferson, Shawn [mailto:Shawn.Jefferson () bcferries com]
Sent: Tuesday, February 23, 2010 10:34 AM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Links broken

Hi,

Until the BASE team creates an official fix, you can pretty easily fix this yourself.

Change the link in base_conf.php, and then change the ':' to a '-' in line 338 in includes/base_signature.inc.php.

Seems to be working for me.

Speaking of BASE, I'd really like to somehow add some correlation with known vulnerabilities... What I am envisioning 
is a plain text (or DB table) with each IP and the discovered CVE vulnerabilities that BASE could then check when it 
builds the alert table.  Maybe display the ones with matching CVE vulnerabilities in a different color, or some other 
method.  The file should be easy enough to create from a Nessus NBE file, and probably easy enough with other vuln 
scanners.

--
Shawn


________________________________
From: Mike Guiterman [mailto:mguiterman () sourcefire com]
Sent: Tuesday, February 23, 2010 6:15 AM
To: Fábio Ferrão
Cc: snort-users () lists sourceforge net; Alex Kirk
Subject: Re: [Snort-users] Links broken

Hi everyone,

Sorry for the response to the old thread here.  Searchable rule docs have been back up on Snort.org for some time now.  
Just go to snort.org/search<http://snort.org/search>.  The search capabilities have been greatly improved.  You can 
still search by SID but we've added the capability to search by MS advisory, reference, platform and key words.  If you 
haven't yet you should check it out.

The issue with BASE is that they haven't updated the project to link to the new search capability.  Kevin and the team 
at BASE are aware of the issue and are working on an update to BASE.

Regards,

Mike
2010/2/10 Fábio Ferrão <ferrao04 () gmail com<mailto:ferrao04 () gmail com>>
The snort team,

I'm using BASE for analisys of snort's alerts and I verified that the snort links are broken.
When I click in snort links for learning about alert, the result is "The page you are looking for isn't here".
For example: http://www.snort.org/pub-bin/sigs.cgi?sid=1:384.

Can you verify?

Regards.

--
Fábio Ferrão

"E conhecereis a verdade e a verdade vos libertará".    João 8.32
"And you will know the truth and the truth you will free".    John 8.32

------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users> list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



--
Mike Guiterman
Snort Community Manager
Sourcefire, Inc.
mguiterman () sourcefire com<mailto:mguiterman () sourcefire com>
410.423.1930 (office)
703.400.4091 (mobile)

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users