https://inliniac.net/blog/tag/snorby/ Recent content in Snorby on Inliniac Hugo en Thu, 29 Nov 2012 16:50:15 +0000 https://inliniac.net/blog/2012/11/29/closing-in-on-suricata-1-4/ Thu, 29 Nov 2012 16:50:15 +0000 https://inliniac.net/blog/2012/11/29/closing-in-on-suricata-1-4/ <p><img src="https://inliniac.net/blog/blog/wp-content/uploads/2012/07/suricata2.png" alt="">I just made <a href="http://suricata-ids.org/2012/11/29/suricata-1-4rc1-available/">Suricata 1.4rc1</a> available with some pretty exciting features: unix socket mode and IP reputation.</p> <p><strong>Unix socket</strong></p> <p>First of all, <a href="https://home.regit.org/2012/09/a-new-unix-command-mode-in-suricata/">Eric Leblond&rsquo;s work</a> on the Unix socket was merged. The unix socket work consists of two parts. The unix socket protocol implementation and a new runmode.</p> <p>The protocol implementation is based on JSON messages over unix socket. Eric will be fully documenting it soon. Currently the commands are limited to shutting down and getting some basic stats. This part isn&rsquo;t very exciting yet, but the groundwork for many future extensions has been laid.</p> https://inliniac.net/blog/2012/02/22/recovering-the-emailusername-in-snorby/ Wed, 22 Feb 2012 15:16:46 +0000 https://inliniac.net/blog/2012/02/22/recovering-the-emailusername-in-snorby/ <p>I use a Snorby setup that comes with Security Onion. Recently I had changed the username, but I couldn&rsquo;t remember what I had set it to.</p> <p>To recover the username, we can look it up in the database, like this:</p> <p><code>mysql -uroot -B -e 'use snorby; select email from users;'</code></p> <p>Thanks to Doug Burks and Dustin Webber for helping me recover it.</p>