Snort mailing list archives
Barnyard2 hangs when started with MySQL
From: "WGM IT" <at () wgm-it com>
Date: Wed, 11 May 2016 19:14:48 +0300
Hello, I have a problem with Barnyard2 - it hangs when started with MySQL. I would be very grateful to you for any proposals and comments. Step 1 sudo /usr/local/bin/snort -u snort -g snort -c /etc/snort/snort.conf -i eth0 -D OK Step 2 sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort -D OK Step3 mysql -u snort -p -D snort -e "select count(*) from event" OK - MySQL events number increases (e.g. after ping) Step 4 Kill snort process kill barnyard2 process Step 5 sudo /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -l Errors when generating Stub Rules Step 6 sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort -D barnyard2 hangs for 2 minutes Step 7 mysql -u snort -p -D snort -e "select count(*) from event" MySQL events number remains constant (e.g. after ping) Any ideas? Thanks a lot in advance for your cooperation. Best regards Alexej Teplitsky WGM IT +49 172 834 08 12 Skype: alexej.teplitsky
Attachment:
1. barnyard2_log before rules update.txt
Description:
Attachment:
2. barnyard2_log after rules update.txt
Description:
Attachment:
3. pulledpork_log.txt
Description:
Attachment:
4. snort.conf
Description:
Attachment:
5. barnyard2.conf
Description:
Attachment:
6. pulledpork.conf
Description:
------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard2 hangs when started with MySQL WGM IT (May 11)
- <Possible follow-ups>
- Barnyard2 hangs when started with MySQL WGM IT (May 11)