Snort mailing list archives

RE: Snort 2.0 as a Windows Service??

From: "Michael Steele" <michaels () silicondefense com>
Date: Wed, 23 Apr 2003 08:48:01 -0700

Russ,

Concerning the / in the documentation, they are correct. The
documentation may work with \ but I have not tested it. Some of the
programs were either converted from UNIX or are native UNIX but work
with Windows. I believe there is a warning in the docs that state
something to the effect that if the docs specify / not to use a \ or the
install may break.

-Michael
-- 
 Michael Steele | System Engineer / Support Technician     
 mailto:michaels () silicondefense com    
 Silicon Defense - The Cyber-War Defense Company
 Website: http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Uhte, Russ
Sent: Wednesday, April 23, 2003 5:37 AM
To: 'kerberos K'; 'snort-users () lists sourceforge net'
Subject: RE: [Snort-users] Snort 2.0 as a Windows Service??

Here is the output from that command:

C:\Snort\snort\bin>snort -c c:\snort\snort\etc\snort.conf -l 
c:\snort\snort\log -h 10.0.1.0.0/24 -
Running in IDS mode
Log directory = c:\snort\snort\log

Initializing Network Interface 
\Device\NPF_{2B69D982-02F2-4669-B6F4-A80FB5340CAB}

        --== Initializing Snort ==--
Initializing Output Plugins!
Decoding Ethernet on interface 
\Device\NPF_{2B69D982-02F2-4669-B6F4-A80FB5340CAB}
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file c:\snort\snort\etc\snort.conf

<..SNIP..>

database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: password is set
database: database name = snort
database:          host = 127.0.0.1
database:          port = 3306
database:   sensor name = Websrv15e
database:     sensor id = 2
database: schema version = 106
database: using the "alert" facility
database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: database name = snort
database:          host = 127.0.0.1
database:          port = 3306
database:   sensor name = Websrv15e
ERROR: database: mysql_error: Access denied for user: 
'snort@127.0.0.1' 
(Using password: NO)
Fatal Error, Quitting..


In your snort.conf file, do you have the proper username/password setup
for
your database?  I think what I would do from here is grab the
winsnortiis.pdf file from SiliconDefense and start at page 8.  Make sure
you
change your database output lines in snort.conf as shown on page 6 to
reflect the users that you create in the database.  See where that takes
you, and let me know.  

Also, Michael, if your reading this, I noticed a couple places in that
documentation that had "/" when they should have been "\".  I'd be happy
to
point those out to you if you would like.  Awesome document!!  Great
work!!

-Russ


---
CONFIDENTIALITY NOTICE: This email and any attachments are for the
exclusive
and confidential use of the intended recipient. If you are not the
intended
recipient, please do not read, distribute or take action in reliance
upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort 2.0 as a Windows Service?? kerberos K (Apr 22)
- RE: Snort 2.0 as a Windows Service?? Michael Steele (Apr 22)
- <Possible follow-ups>
- RE: Snort 2.0 as a Windows Service?? Uhte, Russ (Apr 22)
- RE: Snort 2.0 as a Windows Service?? kerberos K (Apr 22)
  - RE: Snort 2.0 as a Windows Service?? Erek Adams (Apr 23)
    - RE: Snort 2.0 as a Windows Service?? Michael Steele (Apr 23)
    - RE: Snort 2.0 as a Windows Service?? Erek Adams (Apr 23)
    - RE: Snort 2.0 as a Windows Service?? Erek Adams (Apr 23)
- RE: Snort 2.0 as a Windows Service?? Uhte, Russ (Apr 23)
  - RE: Snort 2.0 as a Windows Service?? Michael Steele (Apr 23)
- RE: Snort 2.0 as a Windows Service?? Uhte, Russ (Apr 23)
- RE: Snort 2.0 as a Windows Service?? Michael Steele (Apr 23)