|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Snort-users] BASE Feature Suggestion to Display Rule Source
From: Kevin Johnson (kjohnson
secureideas.net)
Date: Fri Sep 16 2005 - 14:45:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, 2005-09-16 at 09:42 +0100, Alex Butcher, ISC/ISYS wrote:
>
> --On 15 September 2005 18:18 -0500 "McCash, John" <John.McCashandrew.com>
> wrote:
>
> > From the BASE config file, it looks like the <snort> tag is more
> > or less just forwarded to the sourcefire URL with a sid number, and the
> > resultant page is displayed. It strikes me (as a non PHP programmer, no
> > flames please) that it should not be terribly difficult to have BASE
> > instead display a web page with two frames, and put the sourcefire stuff
> > in one, while simultaneously displaying the full text of the referenced
> > rule (pulled from a locally maintained copy of all rules in use) in the
> > other.
>
> Indeed - I did this for my local copy of ACID about a year ago. I ported my
> patch to BASE a few weeks back. Kevin basically liked it, but wanted to
> tweak it slightly to allow the location of the rules to be modified.
>
> I guess it might show up in the next release.
>
> I've attached my patch against 1.1.4, FWIW.
>
> > John
>
> Best Regards,
> Alex.
Hi-
Kevin did like it, along with your other patches.<g> I should be
getting most of them into CVS this weekend and after testing the next
release will include them.
Kevin
---------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQBDKyDB9gxbZzzrqlsRAgApAJ9frc2BkjPbveTpvmZcp2bWXjJaCwCeLhk7
1mSq5CLgjfesRsUfcjIKc+o=
=EpRC
-----END PGP SIGNATURE-----
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]