Snort mailing list archives
RE: error with mysql
From: Tinsley Paul <Paul.Tinsley () HCAhealthcare com>
Date: Wed, 21 May 2003 09:14:34 -0500
You don't mention whether MySQL by itself works, if you try this: mysql -u snort -h bugzilla.cnnic.net.cn -p12345678 snort Does it log you in? Also in the ruletype redalert { ... } section you are missing the password. -----Original Message----- From: gaojiang [mailto:gaojiang () cnnic cn] Sent: Monday, May 19, 2003 8:23 PM To: snort-users () lists sourceforge net Subject: [Snort-users] error with mysql Hi,all I installed snort-1.8.3 with mysql-8.23 on linux 8, but I encountered a problem when trying the following command /opt/ids/bin/snort -c /opt/ids/etc/snort.d/snort.conf Log directory = /var/log/snort Initializing Network Interface eth1 --== Initializing Snort ==-- Decoding Ethernet on interface eth1 Initializing Preprocessors! Initializing Plug-ins! Initializating Output Plugins! Parsing Rules file /opt/ids/etc/snort.d/snort.conf +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... No arguments to frag2 directive, setting defaults to: Fragment timeout: 60 seconds Fragment memory cap: 4194304 bytes Stream4 config: Stateful inspection: ACTIVE Session statistics: INACTIVE Session timeout: 30 seconds Session memory cap: 8388608 bytes State alerts: INACTIVE Scan alerts: ACTIVE Log Flushed Streams: INACTIVE No arguments to stream4_reassemble, setting defaults: Reassemble client: ACTIVE Reassemble server: INACTIVE Reassemble ports: 21 23 25 53 80 143 110 111 513 Reassembly alerts: ACTIVE Back Orifice detection brute force: DISABLED Using LOCAL time database: compiled support for ( mysql ) database: configured to use mysql database: user = snort database: database name = snort database: host = bugzilla.cnnic.net.cn database: password is set database: sensor name = 159.226.7.50 database: sensor id = 1 database: schema version = 104 database: using the "log" facility database: compiled support for ( mysql ) database: configured to use mysql database: user = snort database: database name = snort database: host = bugzilla.cnnic.net.cn database: sensor name = 159.226.7.50 database: mysql_error: Access denied for user: 'snort () bugzilla cnnic net cn' <mailto:'snort () bugzilla cnnic net cn'> (Using password: NO) Fatal Error, Quitting.. HERE IS PART OF THE CONFIGURE FILE OF SNORT output database: log, mysql, user=snort dbname=snort host=bugzilla.cnnic.net.cn password=12345678 ruletype redalert { type alert output alert_syslog: LOG_AUTH LOG_ALERT output database: log, mysql, user=snort dbname=snort host=bugzilla.cnnic. net.cn } I CHANGED THE PASSWORD ABOVE TO AN INCORRECT ONE, ANT IT SAYS: database: mysql_error: Access denied for user: 'snort () bugzilla cnnic net cn' <mailto:'snort () bugzilla cnnic net cn'> (Using password: YES) WHY IT SAYS *NO* AT FIRST??? AS TO SAY MYSQL, I CREATED THE DATABASE AND TABLES WITH THE GUIDE OF SNORT AND DID THE FOLLOWING: mysql> use snort; Database changed mysql> GRANT all PRIVILEGES ON snort.* to snort () bugzilla cnnic net cn <mailto:snort () bugzilla cnnic net cn> IDENTIFIED BY '12345678'; Query OK, 0 rows affected (0.00 sec) mysql> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) AT FIRST I ONLY GRANT INSERT AND SELECT TO SNORT,BUT THE PROBLEM STILL EXISTS. SO I EXPANDED ITS PRIVILEGES. HERE IS PART OF acid_conf.php $alert_dbname = "snort"; $alert_host = "159.226.7.50"; $alert_port = "3306"; $alert_user = "snort"; $alert_password = "12345678"; /* Archive DB connection parameters */ $archive_dbname = "snort_archive"; $archive_host = "localhost"; $archive_port = ""; $archive_user = "root"; $archive_password = "mypassword"; ANY SUGGESTIONS? THANKS A LOT.
Current thread:
- error with mysql gaojiang (May 21)
- Re: error with mysql Erek Adams (May 21)
- <Possible follow-ups>
- RE: error with mysql Tinsley Paul (May 21)
- RE: error with mysql Jonathan Jesse (May 21)