Snort mailing list archives
RE: Slammer Virus ruined my ACID and SNORT
From: "Maynard, Jeff S." <Jeff.Maynard () banctec com>
Date: Thu, 27 Mar 2003 13:48:56 -0600
Sorry, the correct syntax would be : use snort; then delete from acid_event where ip_src="xxxxxxxxx"; -----Original Message----- From: Andrade, Leonardo F. Buonsanti de (IT - Brasil) [mailto:leoandrade () deloitte com br] Sent: Thursday, March 27, 2003 1:04 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Slammer Virus ruined my ACID and SNORT Hi all, This week one of the computers here got that slammer virus ( the one that attacks SQL servers )...which made my ACID and SNORT go totally nuts and generate more 300000 alerts...now when I try to load my ACID site, it takes minutes!!! and I just can't delete all of the alerts at once... Anyone has a good idea of how I can delete all these alerts ? Thanks in advance, Leonardo
Current thread:
- Slammer Virus ruined my ACID and SNORT Andrade, Leonardo F. Buonsanti de (IT - Brasil) (Mar 27)
- <Possible follow-ups>
- RE: Slammer Virus ruined my ACID and SNORT Maynard, Jeff S. (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Paul Schmehl (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Maynard, Jeff S. (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Semerjian, Ohanes (Mar 27)
- RE: Slammer Virus ruined my ACID and SNORT Jim Clews (Mar 28)
- RE: Slammer Virus ruined my ACID and SNORT Maynard, Jeff S. (Mar 28)