Snort mailing list archives

RE: ACID

From: Kevin Brown <Kevin.M.Brown () asu edu>
Date: Fri, 04 May 2001 08:06:21 -0700

"-A full" is overriding the configuration of the db plugin.  Remove it from
your command line.

-----Original Message-----
From: Larry Chuon [mailto:lchuon () hotmail com]
Sent: Thursday, May 03, 2001 22:11
To: snort-users () lists sourceforge net
Subject: [Snort-users] ACID

Hi everyone,

I installed, Apache, PHP, MySQL.  I then configured snort to log to the
database as follow: output database:log, mysql, user=xxx dbname=snort
host=yyy.

I started snort with the following syntax:
./snort -c ./snort.conf -l ./log -h 10.10.10.0/24 -Afull &

The alert file in ./log kept on growing, but the database showed 0 alert.  I
was able to launch ACID.  The statistics were all zeroes.

Can someone please help?

Larry
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

ACID Larry Chuon (May 03)
- Re: ACID Bamm Visscher (May 04)
- <Possible follow-ups>
- Re: ACID roman (May 04)
- RE: ACID Kevin Brown (May 04)
- RE:Acid Larry Chuon (May 06)
  - Re: RE:Acid Cedric Guillotin (May 07)
- Re: RE:Acid roman (May 07)