Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
correlating sys_read data to "source" ip
Aug 17 2006 03:10AM
troy d. straszheim (troy resophonic com)
I'm trying to correlate data in sys_read with the ip address that the
data came from. That is, if I ssh in to a honeypot from 10.11.12.13
and type "WHERE DID THIS COME FROM" I get something like this in my
mysql> select sensor_id, sys_read_id, process_id, data from sys_read wh...
[ more ]
Copyright 2010, SecurityFocus