Search the Community

Showing results for tags 'event'.

Found 1 result

  1. Sorry to bother you all. I am trying to check ARP spoofing on my WinIDS system, so I activated the preproc rule used to detect ARP spoofing. The rule looks like this:

         alert ( msg: "ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK"; sid: 4; gid: 112; rev: 1; metadata: rule-type preproc ; classtype:bad-unknown; )

     It works: the alert is shown in Barnyard2 and Visual Syslog Server. The alert looks like this:

         05/16-13:31:06.553294 [**] [112:4:1] spp_arpspoof: ARP Cache Overwrite Attack [**]

     But the alert does not show in BASE. BASE gives an error that looks like this:

         "D:\winids\Apache24\htdocs\base\includes\base_cache.inc.php:776: ERROR: 3 alerts have NOT found their way into acid_event with sid = 4"
         "D:\winids\Apache24\htdocs\base\includes\base_cache.inc.php:521: ERROR: Alert "4 - 9618" could NOT be found in acid_event"

     What should I do to fix the error and make the alert show in BASE? Thank you so much - Fahmi