Snort mailing list archives
Re: Access denied for user: '@192.168.0.1' -SNORT-
From: "mike Hughes" <mikehughes013 () hotmail com>
Date: Mon, 10 Feb 2003 22:37:04 -0800
Hey Guys...Alright i used PUTY from my windows machine logged on to 192.168.0.1 ran this command:
snort-mysql+flexresp v c /etc/snort/snort.conf I didnt get an error message it started to show TRAFFIC like this: 02/10-19:39:24.242446 64.4.8.250:80 -> 148.59.13.124:2471TCP TTL:51 TOS:0x28 ID:17146 IpLen:20 DgmLen:576 ***A**** Seq: 0xD2048DE9 Ack: 0x443B250E Win: 0x4470 TcpLen: 32 TCP Options (12) => NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP
I had the database waiting for my eth0 internet interface instead of my LAN on sensor1@192.168.0.1 i had it like sensor1@172.142.64.11 my internet ip addy.
Soo now FROM MY WINDOWS machine i ran this command too see if it was logging anything to my adatabase : ! but it wasnt ! ...
mysql -u snort -p Enter password: use snort; select count(*) from event; +----------+ | count(*) | +----------+ | 0 | +----------+ 1 row in set (0.00 sec)But shouldnt there be alerts in there soo its not logging to my WINDOWS database yet...Sooo what can i try from here to LOG to my DATABASE any idea how to DEBUG from here:
Thanks GUYS...;) _________________________________________________________________STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Access denied for user: '@192.168.0.1' -SNORT-, (continued)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- twig les (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Michael Steele (Feb 10)
- ACID - Which Database? Yaakov Yehudi (Feb 11)
- Re: ACID - Which Database? Ken Gunderson (Feb 11)
- Re: ACID - Which Database? Paul B. Poh (Feb 11)
- Re: ACID - Which Database? Yaakov Yehudi (Feb 12)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 11)
- Re: RE: Access denied for user: '@192.168.0.1' -SNORT- Erek Adams (Feb 11)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Erek Adams (Feb 12)