Snort mailing list archives
Acid/MySQL and remote sensors
From: "Lists" <lists () paladinss com>
Date: Mon, 17 Sep 2001 14:41:12 -0700
All, I have been successfully running Snort 1.8 on Win2k with ACID,MySql,PHP. I essentially followed the very good paper by Michael Steele on Silicon Defense's site. Questions- I have been unsuccessful in getting another sensor to log to the MySQL database on the main Snort box (the main box works beautiful). I have tried changing the: "output database: log, mysql, user=snort dbname=snort host=localhost" line in the new sensor's snort.conf to have the host=IP Address of main box. No go. Failure is not authorized to access database, although I don't believe the default setting per Michael's doc requires any remote auth. I notice in the MySQL .ini file that the default port (3306) is commented out. Also username and password fields are commented out. Do I need to modify these? Another issue: Anybody know how to force promisc. mode on a Linksys 10/100 card with Win2k? Internet search reveals nothing, card might not even support it. Anybody now cards that do? Ben Keepper _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Acid/MySQL and remote sensors Lists (Sep 17)
- <Possible follow-ups>
- RE: Acid/MySQL and remote sensors Lists (Sep 17)