Snort mailing list archives

Problem with mysql


From: Fiorenzi Alessandro <a.fiorenzi () infogroup it>
Date: Thu, 20 Sep 2001 15:57:40 +0200

I stopped my snort box for an update, and when I restarted I got
nothing, so I stopped mysql and restarted it.
So I try to start snort but I get this message:

Sep 20 16:01:13 lupin3 snort: WEB-IIS cmd.exe access [Classification:
Attempted User Privilege Gain   Priority: 8]: 193.41.215.26:1724 ->
193.41.78.48:80
Sep 20 16:01:13 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293886','3240744730','3240709680','4','5','64','140','6082','0','0','108','6','20172')

Sep 20 16:01:13 lupin3 snort: WEB-IIS File permission canonicalization
[Classification: Attempted Administrator Privilege Gain   Priority: 10]:
213.140.0.183:4130 -> 195.103.148.109:80
Sep 20 16:01:13 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293887','3582722231','3278345325','4','5','0','137','58439','0','0','119','6','61710')

Sep 20 16:01:13 lupin3 snort: WEB-IIS cmd.exe access [Classification:
Attempted User Privilege Gain   Priority: 8]: 213.140.0.183:4136 ->
195.103.148.109:80
Sep 20 16:01:13 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293888','3582722231','3278345325','4','5','0','137','2120','0','0','119','6','52494')

Sep 20 16:01:13 lupin3 snort: WEB-IIS cmd.exe access [Classification:
Attempted User Privilege Gain   Priority: 8]: 213.140.0.183:4186 ->
195.103.148.109:80
Sep 20 16:01:13 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293889','3582722231','3278345325','4','5','0','136','51272','0','0','119','6','3343')

Sep 20 16:01:16 lupin3 snort: WEB-IIS cmd.exe access [Classification:
Attempted User Privilege Gain   Priority: 8]: 213.140.0.183:3449 ->
195.103.148.114:80
Sep 20 16:01:16 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293890','3582722231','3278345330','4','5','0','157','26700','0','0','119','6','27889')

Sep 20 16:01:21 lupin3 snort: MISC source port 53 to <1024
[Classification: Potentially Bad Traffic   Priority: 2]:
217.57.57.186:53 -> 193.41.78.10:53
Sep 20 16:01:21 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293891','3644406202','3240709642','4','5','0','55','55798','0','0','120','17','18072')

Sep 20 16:01:22 lupin3 snort: WEB-IIS cmd.exe access [Classification:
Attempted User Privilege Gain   Priority: 8]: 195.103.230.99:1194 ->
195.103.148.201:80
Sep 20 16:01:22 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293892','3278366307','3278345417','4','5','0','120','30484','0','0','119','6','35439')

Sep 20 16:01:26 lupin3 snort: WEB-IIS cmd.exe access [Classification:
Attempted User Privilege Gain   Priority: 8]: 193.41.215.26:2961 ->
193.41.78.216:80
Sep 20 16:01:26 lupin3 snort: database: mysql_error: Can't open file:
'iphdr.MYD'. (errno: 145) SQL=INSERT INTO iphdr (sid, cid, ip_src,
ip_dst, ip_ver,ip_hlen, ip_tos, ip_len, ip_id, ip_flags, ip_off,ip_ttl,
ip_proto, ip_csum) VALUES
('1','1293893','3240744730','3240709848','4','5','64','120','17052','0','0','108','6','9054')



Is there any way to save my db???


Thanks very much

Alessandro Fiorenzi
