From: Alex Butcher, ISC/ISYS (Alex.Butcherbristol.ac.uk)
Date: Fri Sep 16 2005 - 03:42:18 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--On 15 September 2005 18:18 -0500 "McCash, John" <John.McCashandrew.com>
wrote:

> From the BASE config file, it looks like the <snort> tag is more
> or less just forwarded to the sourcefire URL with a sid number, and the
> resultant page is displayed. It strikes me (as a non PHP programmer, no
> flames please) that it should not be terribly difficult to have BASE
> instead display a web page with two frames, and put the sourcefire stuff
> in one, while simultaneously displaying the full text of the referenced
> rule (pulled from a locally maintained copy of all rules in use) in the
> other.

Indeed - I did this for my local copy of ACID about a year ago. I ported my
patch to BASE a few weeks back. Kevin basically liked it, but wanted to
tweak it slightly to allow the location of the rules to be modified.

I guess it might show up in the next release.

I've attached my patch against 1.1.4, FWIW.

> John

Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9

-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• application/octet-stream attachment: base-1.1.4-showsig.diff

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]