On Fri, May 03, 2002 at 10:49:44AM -0400, Redman, Ken wrote:
> I have put in a rule to ignore the IP address that I do all my Pen-testing from. However, 80% of all alerts in MySQL/Acid are from my one IP address. Therefore I want to remove all instances of those entries from MySQL and Acid. Is this is possible "How do I do this?" and will I end up corrupting the MySQL?

I think the easiest way, since you have ACID, is to query on your IP
address in ACID, and then tell it to delete the whole query. It will
clean up nicely.

Tim

-- 
Tim Sailer <sailerbnl.gov> 
Brookhaven National Laboratory  (631) 344-3001
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidthsourceforge.net
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]