Snort mailing list archives

Re: Errors with simultaneous outputs in database

From: Muad Dib <bizou31 () yahoo fr>
Date: Thu, 23 Jun 2005 10:59:06 +0200 (CEST)

I change the user from output database so that each
snort has it's own user name and prevent concurrent
select from the same user

Well, bug is still there, but it's a bit better.

Postgres does not log any error and snort is less
verbose too :

Jun 23 10:52:25 s6 snort: database: warning (SELECT
sig_class_id   FROM sig_class  WHERE sig_class_name =
'suspicious-login') returned more than one result 
Jun 23 10:52:25 s6 snort: database: unable to write
classification 
Jun 23 10:52:25 s6 snort: database: warning (SELECT
sig_id   FROM signature  WHERE sig_name = 'MS-SQL SA
brute force login attempt'    AND sig_rev = 2    AND
sig_sid = 3542 ) returned more than one result 
Jun 23 10:52:25 s6 snort: database: Problem inserting
a new signature 'MS-SQL SA brute force login attempt' 
Jun 23 10:52:25 s6 snort: database: warning (SELECT
ref_system_id   FROM reference_system  WHERE
ref_system_name = 'nessus') returned more than one
result 
Jun 23 10:52:25 s6 snort: database: warning (SELECT
ref_system_id   FROM reference_system  WHERE
ref_system_name = 'nessus') returned more than one
result 
Jun 23 10:52:25 s6 snort: database: Unable to insert
unknown reference tag ('10673') used in rule. 
Jun 23 10:52:25 s6 snort: database: warning (SELECT
ref_system_id   FROM reference_system  WHERE
ref_system_name = 'cve') returned more than one result





        

        
                
___________________________________________________________________________ 
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger 
Téléchargez cette version sur http://fr.messenger.yahoo.com


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Errors with simultaneous outputs in database Muad Dib (Jun 22)
- <Possible follow-ups>
- Re: Errors with simultaneous outputs in database Muad Dib (Jun 23)
- Re: Errors with simultaneous outputs in database Muad Dib (Jun 24)