Snort mailing list archives

Snort & ACID

From: "Lean Cornelius" <lean.cornelius () sintrex com>
Date: Mon, 15 Aug 2005 18:21:48 +0200

Hi Guys/Girls

 

I have recently installed snort v2.3.3 and ACID v0.9.6b22 on RHEL3.

I am really impressed with the product (snort). Just a few questions:

 

Is there a complete list of all the Signature Database entries and
descriptions. I would like to go through them and build a parser to parse
the database and send me mail and text messages if certain events happen.

This way I can decide on what is important to me

 

I see that the ACID was last updated in 2003. Would you recommend me
changing to something else?

 

Thanks in advance.

 

Kind Regards,

 

Lean Cornelius 

 
SINTREX Integration Services (PTY) Ltd
Tijgerpark 2
Second Floor
Willie van Schoor Avenue
Bellville
7530
South Africa
 
Tel:          +27 (0) 21 914 6450
Fax:          +27 (0) 21 914 9878
Mobile:      +27 (0) 82 770 1604
Email:       lean.cornelius () sintrex com
 
The information transmitted is intended only for the person or entity to
which it is 
addressed and may contain confidential and/or privileged material. If you
are not the intended
recipient of this message, please notify the sender thereof and destroy or
delete the message.
Any use of information contained by this message, by persons or entities
other than the intended
recipient is prohibited.

Current thread:

Snort & ACID Lean Cornelius (Aug 15)
- RE: Snort & ACID M. Shirk (Aug 15)
  - RE: Snort & ACID Lean Cornelius (Aug 15)
  - Is snort an over kill just for apache? Pigeon (Aug 23)
    - Re: Is snort an over kill just for apache? Matt Kettler (Aug 24)
- <Possible follow-ups>
- RE: Snort & ACID Willy, Andrew (Aug 15)