[Snort-users] Archiving In Acid

From: Kalajzich, Damon (Damon.Kalajzichaar.com.au)
Date: Mon Apr 05 2004 - 20:12:18 CDT


I have Acid running on a Win2k box with PHP installed. Everything works fine
except archiving. I have worked out that after selecting an item to archive,
Acid is then querying the Archive Database for the item and not finding it;
therefore I get an error stating that no alerts were selected or the
ARCHIVE-move was not successful.
Has anyone seen anything like this before? I have specified the correct Live
and Archive Databases in the Acid_conf.php, and these are the only changes I
have made to the PHP file apart from turning on the debugging and SQL trace
log. From the SQL trace log you can see that it is connecting to the
Archive Database, running the query on that, and then attempting to insert the
entry back into the Archive DB.
 
--------------------------------------------------------------------------------

Connect [mysql] archive1bne506:3306 as root

[Apr 05 2004 16:53:12] /acid/acid_stat_alerts.php - db version 106

--------------------------------------------------------------------------------

SELECT sig_id FROM signature WHERE sig_name='ICMP PING speedera'

INSERT INTO iphdr (sid,cid,
ip_src,
ip_dst,
ip_ver,ip_hlen,ip_tos,ip_len,ip_id,ip_flags,
ip_off,ip_ttl,ip_proto,ip_csum) VALUES (1, 115215, '1075599074',
'3523898084','4','5','0','84','57154','0','0','46','1','55673')

___________________________________________________
 
Damon Kalajzich
Security Administrator
Allens Arthur Robinson
Phone: 61 7 3334 3193
Mobile: 0414 549 135

 

 
