ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000043ClearOSapp-intrusion-prevention - Intrusion Preventionpublic2010-03-15 03:402019-11-29 09:08
Reportertimb80 
Assigned Totracker 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version5.1 
Target Version5.1Fixed in Version 
Summary0000043: Active Block List - Snort SID's links
DescriptionThis has been present in ClarkConnect 5.0 / ClearOS 5.1 for a long time since Snort removed their SID info pages as part of their version upgrade. Links to blocked SID in the intrusion detection screen now point to user guide URL which is still to be completed.

Dinkster very kindly posted a fix for this for CC5.0 to use snortid.com
http://ccforums.clearfoundation.com/showflat.php?Cat=0&Number=121014&an=&page=0&vc=1 [^]

Amend /var/webconfig/gui/SnortSamReport.class.php
From line 142:-
            if ($_SESSION['system_online_help']) {
                $sid = "<a target='blank' href='". $_SESSION['system_online_help'] . "/redirect/snort/sid=$block[sid]'>$block[sid]</a>";

To:-
            if ($_SESSION['system_online_help']) {
                    $sid = "<a target='blank' href='" . "http://www.snortid.com" [^] .
                        "/snortid.asp?QueryId=1:$block[sid]'>$block[sid]</a>";

Please can we have this implemented as an interim measure until the ClearOS userguide is updated?
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0000058)
timb80 (developer)
2010-03-15 03:54

Ok updated to use new snort.org search function (assumes group ref = 1)

                                 if ($_SESSION['system_online_help']) {
                                             $sid = "<a target='blank' href='" . "http://www.snort.org" [^] .
                                                     "/search/sid/$block[sid]?r=1'>$block[sid]</a>";

However webconfig needs to be amended to report SID in full form to permit links for SID's outside of generic group 1
(0000059)
user2
2010-03-17 15:09

It's back online -- that's good. We can make the change on our servers using the standard apache redirect.
(0000167)
timb80 (developer)
2010-06-08 08:59

Please note that the bug tracker inserts the [^] field when it finds a URL - they shouldn't be there!
(0012411)
NickH (developer)
2019-11-29 09:07

5.2 issue. UI is very different in 7.x

- Issue History
Date Modified Username Field Change
2010-03-15 03:40 timb80 New Issue
2010-03-15 03:54 timb80 Note Added: 0000058
2010-03-17 15:09 user2 Note Added: 0000059
2010-03-17 15:10 user2 Status new => acknowledged
2010-03-17 15:10 user2 Status acknowledged => assigned
2010-03-17 15:10 user2 Assigned To => user2
2010-03-17 15:12 user2 Priority normal => high
2010-03-17 15:12 user2 ETA none => 2-3 days
2010-03-17 15:12 user2 Target Version => 5.1
2010-06-08 08:59 timb80 Note Added: 0000167
2011-02-08 15:31 user2 Category Reports - Intrusion Prevention => app-intrusion-prevention - Snortsam
2013-05-08 08:11 user2 Priority high => normal
2018-12-14 12:11 user2 Assigned To user2 => tracker
2019-11-29 09:08 NickH Note Added: 0012411
2019-11-29 09:08 NickH Status assigned => closed
2019-11-29 09:08 NickH Resolution open => fixed