What is the format of the src_ip and dst_ip fields in the alert table? How can I convert that to conventional decimal format?
I'm trying to troubleshoot an error where my own IP was identified as an attacker (I think it may have to do with the FTP client I'm using) and I wanna search through and identify the rule that was triggered.
Thanks.
--Joe
Code:
+-------------+-----------------------+------+-----+---------+-------+
| Field       | Type                  | Null | Key | Default | Extra |
+-------------+-----------------------+------+-----+---------+-------+
| src_ip      | int(10) unsigned      | YES  | MUL | NULL    |       |
| dst_ip      | int(10) unsigned      | YES  |     | NULL    |       |
| src_port    | smallint(5) unsigned  | YES  |     | NULL    |       |
| dst_port    | smallint(5) unsigned  | YES  |     | NULL    |       |
+-------------+-----------------------+------+-----+---------+-------+