Snort mailing list archives
Re: Barnyard2 configure/compile problems and startup error: "Snort not compiled to use mysql" message followup - 1st time barnyard user
From: Kurt J <technicalfriend () yahoo com>
Date: Thu, 2 May 2013 22:39:52 -0700 (PDT)
For SNORT I just went ahead and exited it again to catch this status report output for the last session I ran it, and now some events have been caught but it does not seem like very many yet for all the zenmap scans I have hit it with of several kinds, but maybe it's normal for a default new untuned rule set:

This is the command I am using now to run snort:

./snort -dev -k none -c /etc/snort/snort.conf

C*** Caught Int-Signal
===============================================================================
Run time for packet processing was 3181.920158 seconds
Snort processed 149889 packets.
Snort ran for 0 days 0 hours 53 minutes 1 seconds
   Pkts/min: 2828
   Pkts/sec: 47
===============================================================================
Packet I/O Totals:
   Received: 298092
   Analyzed: 149889 ( 50.283%)
   Dropped: 148203 ( 33.207%)
   Filtered: 0 ( 0.000%)
   Outstanding: 148203 ( 49.717%)
   Injected: 0
===============================================================================
Breakdown by protocol (includes rebuilt packets):
   Eth: 149916 (100.000%)
   VLAN: 0 ( 0.000%)
   IP4: 149713 ( 99.865%)
   Frag: 0 ( 0.000%)
   ICMP: 1584 ( 1.057%)
   UDP: 12154 ( 8.107%)
   TCP: 135975 ( 90.701%)
   IP6: 52 ( 0.035%)
   IP6 Ext: 52 ( 0.035%)
   IP6 Opts: 0 ( 0.000%)
   Frag6: 0 ( 0.000%)
   ICMP6: 0 ( 0.000%)
   UDP6: 52 ( 0.035%)
   TCP6: 0 ( 0.000%)
   Teredo: 0 ( 0.000%)
   ICMP-IP: 0 ( 0.000%)
   IP4/IP4: 0 ( 0.000%)
   IP4/IP6: 0 ( 0.000%)
   IP6/IP4: 0 ( 0.000%)
   IP6/IP6: 0 ( 0.000%)
   GRE: 0 ( 0.000%)
   GRE Eth: 0 ( 0.000%)
   GRE VLAN: 0 ( 0.000%)
   GRE IP4: 0 ( 0.000%)
   GRE IP6: 0 ( 0.000%)
   GRE IP6 Ext: 0 ( 0.000%)
   GRE PPTP: 0 ( 0.000%)
   GRE ARP: 0 ( 0.000%)
   GRE IPX: 0 ( 0.000%)
   GRE Loop: 0 ( 0.000%)
   MPLS: 0 ( 0.000%)
   ARP: 151 ( 0.101%)
   IPX: 0 ( 0.000%)
   Eth Loop: 0 ( 0.000%)
   Eth Disc: 0 ( 0.000%)
   IP4 Disc: 0 ( 0.000%)
   IP6 Disc: 0 ( 0.000%)
   TCP Disc: 0 ( 0.000%)
   UDP Disc: 0 ( 0.000%)
   ICMP Disc: 0 ( 0.000%)
   All Discard: 0 ( 0.000%)
   Other: 0 ( 0.000%)
   Bad Chk Sum: 0 ( 0.000%)
   Bad TTL: 0 ( 0.000%)
   S5 G 1: 14 ( 0.009%)
   S5 G 2: 13 ( 0.009%)
   Total: 149916
===============================================================================
Action Stats:
   Alerts: 37 ( 0.025%)
   Logged: 37 ( 0.025%)
   Passed: 0 ( 0.000%)
Limits:
   Match: 0
   Queue: 0
   Log: 3
   Event: 0
   Alert: 0
Verdicts:
   Allow: 149464 ( 50.140%)
   Block: 0 ( 0.000%)
   Replace: 0 ( 0.000%)
   Whitelist: 425 ( 0.143%)
   Blacklist: 0 ( 0.000%)
   Ignore: 0 ( 0.000%)
===============================================================================
Frag3 statistics:
   Total Fragments: 0
   Frags Reassembled: 0
   Discards: 0
   Memory Faults: 0
   Timeouts: 0
   Overlaps: 0
   Anomalies: 0
   Alerts: 0
   Drops: 0
   FragTrackers Added: 0
   FragTrackers Dumped: 0
   FragTrackers Auto Freed: 0
   Frag Nodes Inserted: 0
   Frag Nodes Deleted: 0
===============================================================================
Stream5 statistics:
   Total sessions: 74341
   TCP sessions: 63607
   UDP sessions: 10734
   ICMP sessions: 0
   IP sessions: 0
   TCP Prunes: 0
   UDP Prunes: 0
   ICMP Prunes: 0
   IP Prunes: 0
   TCP StreamTrackers Created: 63607
   TCP StreamTrackers Deleted: 63607
   TCP Timeouts: 1
   TCP Overlaps: 2
   TCP Segments Queued: 3068
   TCP Segments Released: 3068
   TCP Rebuilt Packets: 822
   TCP Segments Used: 2383
   TCP Discards: 47
   TCP Gaps: 14
   UDP Sessions Created: 10734
   UDP Sessions Deleted: 10734
   UDP Timeouts: 0
   UDP Discards: 0
   Events: 198
   Internal Events: 0
   TCP Port Filter
      Dropped: 0
      Inspected: 0
      Tracked: 135948
   UDP Port Filter
      Dropped: 0
      Inspected: 82
      Tracked: 10734
===============================================================================
HTTP Inspect - encodings (Note: stream-reassembled packets included):
   POST methods: 24
   GET methods: 212
   HTTP Request Headers extracted: 257
   HTTP Request Cookies extracted: 54
   Post parameters extracted: 25
   HTTP response Headers extracted: 257
   HTTP Response Cookies extracted: 4
   Unicode: 0
   Double unicode: 0
   Non-ASCII representable: 0
   Directory traversals: 0
   Extra slashes ("//"): 8
   Self-referencing paths ("./"): 0
   HTTP Response Gzip packets extracted: 91
   Gzip Compressed Data Processed: 1220760.00
   Gzip Decompressed Data Processed: 4050292.00
   Total packets processed: 4213
===============================================================================
SMTP Preprocessor Statistics
   Total sessions : 0
   Max concurrent sessions : 0
===============================================================================
dcerpc2 Preprocessor Statistics
   Total sessions: 0
===============================================================================
SSL Preprocessor:
   SSL packets decoded: 563
   Client Hello: 88
   Server Hello: 91
   Certificate: 83
   Server Done: 179
   Client Key Exchange: 78
   Server Key Exchange: 26
   Change Cipher: 166
   Finished: 0
   Client Application: 48
   Server Application: 27
   Alert: 51
   Unrecognized records: 198
   Completed handshakes: 0
   Bad handshakes: 0
   Sessions ignored: 17
   Detection disabled: 41
===============================================================================
SIP Preprocessor Statistics
   Total sessions: 0
===============================================================================
Reputation Preprocessor Statistics
   Total Memory Allocated: 0
===============================================================================
Snort exiting

________________________________
From: beenph <beenph () gmail com>
To: Lars <technicalfriend () yahoo com>
Cc: "snort-users () lists sourceforge net" <snort-users () lists sourceforge net>
Sent: Friday, May 3, 2013 12:23 AM
Subject: Re: [Snort-users] Barnyard2 configure/compile problems and startup error: "Snort not compiled to use mysql" message followup - 1st time barnyard user

On Fri, May 3, 2013 at 12:17 AM, Lars <technicalfriend () yahoo com> wrote:
Maybe we need to rebuild Snort? All these good checks and verifications on our config files and all that but the problem remains the same.
Which problem?

i) Post your snort command line.
ii) Post your barnyard2 command line
iii) Post your snort config.
iv) Post your barnyard2 config

------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite
It's a free troubleshooting tool designed for production
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
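Added example, not part of the original message or of Snort itself: a small parser for the "Packet I/O Totals" and "Action Stats" sections of the shutdown report quoted above, computing the share of received packets that were not analyzed. The sample repeats the figures from the message as a constructed one-counter-per-line input; the function names and the 1% threshold are assumptions.

```python
import re

# Constructed sample: the Packet I/O and Action Stats counters quoted in the
# message above, one counter per line.
SAMPLE = """\
Packet I/O Totals:
   Received: 298092
   Analyzed: 149889 ( 50.283%)
   Dropped: 148203 ( 33.207%)
   Filtered: 0 ( 0.000%)
   Outstanding: 148203 ( 49.717%)
   Injected: 0
===============================================================================
Action Stats:
   Alerts: 37 ( 0.025%)
   Logged: 37 ( 0.025%)
   Passed: 0 ( 0.000%)
"""

SECTION = re.compile(r"^([A-Za-z][\w /.-]*):\s*$")            # "Packet I/O Totals:"
COUNTER = re.compile(r"^\s*([A-Za-z][\w /.-]*?):\s+(\d+)\b")  # "Analyzed: 149889 (...)"

def parse_sections(text):
    """Return {section name: {counter name: int}} for a shutdown report."""
    sections, current = {}, None
    for line in text.splitlines():
        head = SECTION.match(line)
        if head:  # flush-left "Name:" line opens a new section
            current = sections.setdefault(head.group(1), {})
            continue
        counter = COUNTER.match(line)
        if counter and current is not None:
            current[counter.group(1)] = int(counter.group(2))
    return sections

def capture_health(text, max_loss=0.01):
    """Share of received packets that were not analyzed.
    max_loss is an assumed threshold, not a Snort default."""
    report = parse_sections(text)
    io = report.get("Packet I/O Totals", {})
    received, analyzed = io.get("Received", 0), io.get("Analyzed", 0)
    loss = (received - analyzed) / received if received else 0.0
    return {"received": received, "analyzed": analyzed,
            "not_analyzed": received - analyzed, "loss": loss,
            "alerts": report.get("Action Stats", {}).get("Alerts", 0),
            "ok": received > 0 and loss <= max_loss}

if __name__ == "__main__":
    print(capture_health(SAMPLE))
```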