Bug#97933: marked as done (ITP: acid -- Analysis Console for Incident Databases)
Your message dated Wed, 15 Aug 2001 15:44:50 +0200
with message-id <20010815154450.A18886@wiretrip.org>
and subject line Closing ITP on acidlab
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Darren Benham
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 18 May 2001 15:48:07 +0000
>From chewie@wookimus.net Fri May 18 10:48:07 2001
Return-path: <chewie@wookimus.net>
Received: from ns.wookimus.net (fenris.wk) [65.165.40.249]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 150mU2-00058A-00; Fri, 18 May 2001 10:48:07 -0500
Received: from skuld.wk (skuld.wk [192.168.5.25])
by fenris.wk (Postfix) with ESMTP id E89C114243
for <submit@bugs.debian.org>; Fri, 18 May 2001 10:48:15 -0500 (CDT)
Received: by skuld.wk (Postfix, from userid 1000)
id 78C8F183F3; Fri, 18 May 2001 10:44:01 -0500 (CDT)
Date: Fri, 18 May 2001 10:44:01 -0500
From: "Chad C. Walstrom" <chewie@wookimus.net>
To: submit@bugs.debian.org
Subject: ITP: acid - Analysis Console for Incident Databases
Message-ID: <20010518104401.E22818@wookimus.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="WBsA/oQW3eTA3LlM"
Content-Disposition: inline
User-Agent: Mutt/1.3.17i
X-Operating-System: Linux skuld 2.4.3-lvm-int
X-GnuPG-Fingerprint: B4AB D627 9CBD 687E 7A31 1950 0CC7 0B18 206C 5AFD
Delivered-To: submit@bugs.debian.org
--WBsA/oQW3eTA3LlM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: wnpp
Severity: wishlist
Description:=20
ACID is a PHP-based analysis engine to search and process a database
of security incidents generated by the security-related software such
as the NIDS Snort. The features currently include:
=20
- Search interface for finding alerts matching practically any
criteria. This includes arrival time, sensor, signature time,
source/destination address/port, flags, payload, etc. These
queries can be made arbitrarily complex to satisfy almost any
parameters.
=20
- Alert Groups: allow for a logical grouping of alerts on which
analysis can be done. It a quick way to combine multiple searches
or to associate a comment with an alert or group of alerts
=20
- Alert purging: allows for the deletion of alerts from the database.
This functionality is ideal for removing known false-positives. =20
- Statistics:
- Snapshot statistics to assess current network state
- Aggregate statistics on a per sensor, IP, or alert basis
- Graphing alert arrival over time
=20
- All features are provided in real-time
Author, Links, etc:
by Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
This plugin was developed at the CERT Coordination Center as a part=20
of the AIRCERT project.
See http://www.cert.org/kb/acid for the most up to date=20
information and documentation about this application.
Mirrored:=20
http://acidlab.sourceforge.net
http://www.andrew.cmu.edu/~rdanyliw/snort/
(usually contains the latest beta code)
---------------------------------------------------------------------------=
----
** Copyright (C) 2000 Carnegie Mellon University
**
** Author: Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, US=
A.
---------------------------------------------------------------------------=
----
--=20
Chad Walstrom <chewie@wookimus.net> | a.k.a. ^chewie
http://www.wookimus.net/ | s.k.a. gunnarr
Key fingerprint =3D B4AB D627 9CBD 687E 7A31 1950 0CC7 0B18 206C 5AFD
--WBsA/oQW3eTA3LlM
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7BUNBDMcLGCBsWv0RAtPdAKCwXZ/eKZQn9WTjmQIG4GZOfk7WIgCfRNwp
PXmx0DolO7nfG98LoFTGciw=
=Rn4K
-----END PGP SIGNATURE-----
--WBsA/oQW3eTA3LlM--
---------------------------------------
Received: (at 97933-close) by bugs.debian.org; 15 Aug 2001 13:46:00 +0000
>From rvdm@wiretrip.org Wed Aug 15 08:46:00 2001
Return-path: <rvdm@wiretrip.org>
Received: from going.on.a.wiretrip.org (sorrow.wiretrip.org) [195.64.80.165] (mail)
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 15X0zg-0006FU-00; Wed, 15 Aug 2001 08:46:00 -0500
Received: from rvdm by sorrow.wiretrip.org with local (Exim 3.22 #1 (Debian))
id 15X0yY-0004v1-00; Wed, 15 Aug 2001 15:44:50 +0200
Date: Wed, 15 Aug 2001 15:44:50 +0200
From: Robert van der Meulen <rvdm@cistron.nl>
To: 97933-close@bugs.debian.org
Cc: 97933-submitter@bugs.debian.org
Subject: Closing ITP on acidlab
Message-ID: <20010815154450.A18886@wiretrip.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.18i
Sender: Robert van der Meulen <rvdm@wiretrip.org>
Delivered-To: 97933-close@bugs.debian.org
This bug has been replaced by a new ITP on acidlab, bug #108787.
Greets,
Robert
--
Linux Generation
encrypted mail preferred. finger rvdm@debian.org for my GnuPG/PGP key.
if you remember the 60's, you weren't there.
Reply to: