Snort mailing list archives

Re: Question?


From: Jed Pickel <jed () pickel net>
Date: Fri, 10 Aug 2001 14:04:59 -0400

From the snortdb faq...

I set up the database correctly, gave proper permissions, used the
correct configuration and the plugin still does not work. Why?

   If you use the "-A" or "-s" command line options, any output
   plugins defined in your configuration file will be ignored. If you
   want to use output plugins, you should avoid the "-A" and "-s"
   command line options and set up the associated output plugins.

Regards,

* Jed

On Fri, Aug 10, 2001 at 08:07:23AM -0600, James Friesen wrote:
Hi again.

Ok, confirmed action.  The following alert was syslog'd and notification
worked ok.

[**] EXPLOIT x86 NOOP [**]
08/10-08:02:53.826902 207.46.235.150:80 -> 192.168.0.21:1720
TCP TTL:255 TOS:0x0 ID:0 IpLen:20 DgmLen:2841
***AP*** Seq: 0x0  Ack: 0x0  Win: 0x0  TcpLen: 20

But nothing logged to MySQL database, nor alerts posted to ACID (obviously).

Any suggestions would be appreciated.  Thanks.



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
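
The FAQ answer quoted in this thread, written as a pre-flight check: it reports which output plugins in a config file would be ignored because "-A" or "-s" is on the Snort command line. This is an added example, not part of the original messages or of Snort; the command line, the config text and the list of value-taking options are constructed assumptions.

```python
import shlex

# Options the FAQ quoted above says cause config-file output plugins to be ignored.
OVERRIDING = ("A", "s")
# Short options assumed to take a value, so the value is not misread as flags.
# Partial list for illustration (assumption); extend it to match your Snort build.
TAKES_ARG = set("Achilr")

def overriding_flags(cmdline):
    """Return the -A / -s options present on a Snort command line, in order."""
    tokens = shlex.split(cmdline)[1:]            # drop the program name
    found, i = [], 0
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if len(tok) < 2 or not tok.startswith("-") or tok.startswith("--"):
            continue
        for pos, ch in enumerate(tok[1:], start=1):
            if ch in OVERRIDING and "-" + ch not in found:
                found.append("-" + ch)
            if ch in TAKES_ARG:
                if pos == len(tok) - 1:          # value is the next token: skip it
                    i += 1
                break                            # rest of this token is the value
    return found

def output_plugins(conf_text):
    """Return plugin names from uncommented 'output <name>: ...' lines."""
    names = []
    for line in conf_text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if len(parts) == 2 and parts[0] == "output":
            names.append(parts[1].split(":", 1)[0].strip())
    return names

def ignored_plugins(cmdline, conf_text):
    """Plugins that are configured but will not run because of -A or -s."""
    return output_plugins(conf_text) if overriding_flags(cmdline) else []

# Constructed sample input, not taken from the thread.
SAMPLE_CMD = "snort -D -s -c /etc/snort/snort.conf -i eth0"
SAMPLE_CONF = """\
var HOME_NET 192.168.0.0/24
output database: log, mysql, user=snort dbname=snort host=localhost
# output alert_syslog: LOG_AUTH LOG_ALERT
"""

if __name__ == "__main__":
    print("overriding flags:", overriding_flags(SAMPLE_CMD))
    print("ignored plugins: ", ignored_plugins(SAMPLE_CMD, SAMPLE_CONF))
```
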