Snort mailing list archives

FW: Beginner Help...


From: <support () nps-dc org>
Date: Fri, 1 Aug 2003 13:25:38 -0400

Check out the link Erek posted earlier:
http://acidlab.sourceforge.net/acid_config.html

There is a chart part way down that lists in an easy to follow matrix form
what needs to be enabled.

Fernando

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Stevo
Sent: Friday, August 01, 2003 11:09 AM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Beginner Help...


I tried that and I can connect just fine.... are there any special
permissions that need to be on that DB??

--Steve

----- Original Message -----
From: "Erek Adams" <erek () snort org>
To: "Stevo" <checkpoint () ozbergs com>
Cc: <snort-users () lists sourceforge net>
Sent: Friday, August 01, 2003 7:43 AM
Subject: Re: [Snort-users] Beginner Help...


On Thu, 31 Jul 2003, Stevo wrote:

I've got Snort set up as per the 
http://www.snort.org/docs/snort_acid_rh9.pdf instructions... but I 
don't see any Alert at all in Acid.

I have 2 interfaces in my Snort box, one for management and one for 
sniffing.  The sniffer interface is connected to a switch (Cat4006) 
and I'm spanning our uplink port to the sniffer interface.  I know 
that's working because if I do a tcpdump -i eth1 (the sniffer 
interface) I see ALL the traffic from our network...

Snort is running and supposedly logging to my mysql db - should I 
see the number of records increasing in a certain table to make sure 
the data is in fact being logged there successfully??  I've been 
using Retina to scan my network to attempt to generate alerts, but 
that hasn't worked.  Is there another tool I could use to generate 
"naughty" traffic??

Does anyone have anything else I can check??

Make sure that your user can connect to the DB.  Use the MySQL command 
line to connect to the DB.  Use the snortdb user that you created.  
I'm pretty sure that you don't have the permissions set right for the 
user.

mysql -h <snort_host> -u snortdb -p

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including 
Data Reports, E-commerce, Portals, and Forums are available now. 
Download today and enter to win an XBOX or Visual Studio .NET.

http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: 
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: 
http://www.geocrawler.com/redir-sf.php3?list=snort-users




