From: Redman, Ken (ken.redmanmssm.edu)
Date: Fri May 03 2002 - 09:49:44 CDT

    This question is more of a database question, but it is reliant on the way Snort populates the data in MySQL.

    I have:
    MySQL-3.23.49a-1
    Snort-1.8.6
    Acid-0.9.6b21
    Redhat 7.2 with all Bugfixes and security patches up to date.

    I have put in a rule to ignore the IP address that I do all my pen-testing from. However, 80% of all alerts in MySQL/Acid are from my one IP address. Therefore I want to remove all instances of those entries from MySQL and Acid. Is this possible, how do I do this, and will I end up corrupting the MySQL?

    Thanks in advance for any light that can be shed on this.

    Ken

    _______________________________________________
    Snort-users mailing list