This is a discussion on [Snort-users] Portscan - remote mysql and Acid ?? within the Snort forums, part of the System Security and Security Related category.
Hi there,

I have added the following line in my snort.conf file:

preprocessor portscan: any 5 7 /var/log/portscan.log

So I am now logging portscan type messages to /var/log/portscan.log, BUT the issue is, I have a mysql database server and the ACID console on a different machine. How do I get my portscan to feed into this remote database instead of this current flat file so that ACID on my management station can read it from a DB?

All other messages get logged perfectly to the database, besides these portscans.

Thanks a ton
Mike