Public bug reported:
Binary package hint: acidbase
After a default install of mysql-server+snort-mysql+acidbase, when I
stroll base's frontend it only shows me the detected attacks' signature
numbers, but it doesn't give the names. This, without fiddling with the
snort configuration or rulesets in any way, and sid-msg.map intact from
the install.
Snort itself doesn't have any troubles, as SQL shows:
mysql> select * from signature;
+--------+---------------------------+--------------+--------------+---------+---------+
| sig_id | sig_name | sig_class_id | sig_priority | sig_rev |
sig_sid |
+--------+---------------------------+--------------+--------------+---------+---------+
| 1 | WEB-IIS msadcs.dll access | 1 | 2 | 11 |
1023 |
+--------+---------------------------+--------------+--------------+---------+---------+
1 row in set (0.00 sec)
Whereas ACID says the sig_name is "1":
mysql> select * from acid_event;
+-----+-----+-----------+----------+--------------+--------------+---------------------+------------+------------+----------+--------------+--------------+
| sid | cid | signature | sig_name | sig_class_id | sig_priority | timestamp
| ip_src | ip_dst | ip_proto | layer4_sport | layer4_dport |
+-----+-----+-----------+----------+--------------+--------------+---------------------+------------+------------+----------+--------------+--------------+
| 1 | 1 | 1 | 1 | NULL | NULL | 2007-08-29
04:11:35 | 3589514167 | 3227656555 | 6 | 37265 | 80 |
+-----+-----+-----------+----------+--------------+--------------+---------------------+------------+------------+----------+--------------+--------------+
1 row in set (0.00 sec)
** Affects: acidbase (Ubuntu)
Importance: Undecided
Status: New
--
Attack names not shown on default install
https://bugs.launchpad.net/bugs/135425
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
