Snort mailing list archives
snort connection problem
From: Phillip Dowdy <phillip.dowdy () rkeng com>
Date: Fri, 30 Nov 2001 15:16:58 -0500
I am running the following setup: RedHat 7.1 with kernel 2.4.2-2 Snort 1.8.1-RELEASE with db schema 103; on 29NOV01 I installed Snort 1.8.2 with db schema 104 mysql-3.23.36-1 adodb 154 ACID v0.9.6b11 While checking /var/log/mysqld.log I found many instances of the following two types messages: 011126 6:54:11 Aborted connection 2 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 6:54:11 Aborted connection 1 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 16:52:01 Aborted connection 117 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011126 16:52:01 Aborted connection 118 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011126 23:04:36 Aborted connection 28 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:34:50 Aborted connection 22 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:35:01 Aborted connection 5 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:45:41 Aborted connection 45 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:47:19 Aborted connection 19 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:48:30 Aborted connection 21 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:54:14 Aborted connection 40 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011126 23:54:19 Aborted connection 27 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011127 1:03:14 Aborted connection 124 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011127 1:03:14 Aborted connection 123 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011129 0:33:39 Aborted connection 2 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011129 0:33:39 Aborted connection 1 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011129 17:06:52 Aborted connection 119 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011129 17:16:47 Aborted connection 121 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011129 17:27:30 Aborted connection 124 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011129 17:27:30 Aborted connection 125 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011129 17:30:06 Aborted connection 126 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011129 17:30:06 Aborted connection 127 to db: 'snort' user: 'root' host: `localhost' (Got an error reading communication packets) 011130 0:01:46 Aborted connection 3 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 0:33:02 Aborted connection 4 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:03:42 Aborted connection 9 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:23:37 Aborted connection 7 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:26:38 Aborted connection 5 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:29:38 Aborted connection 6 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:32:39 Aborted connection 93 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:33:30 Aborted connection 139 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:33:30 Aborted connection 138 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) 011130 1:33:53 Aborted connection 8 to db: 'snort' user: 'root' host: `localhost' (Got timeout reading communication packets) Snort is logging alerts to the database on days that theses messages are in the log, but not during the hour that these messages appear in the log. This looks like a problem to me, but I am novice with MySQL, Snort, adodb, and ACID (intermediate experience with RedHat Linux). Is this normal? Have I obviously misconfigured something? Thanks in advance, Phillip _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort connection problem Phillip Dowdy (Nov 30)