Snort mailing list archives
Re: snort/ACID/MySQL
From: Scott Nursten <scottn () s2s ltd uk>
Date: Wed, 27 Mar 2002 08:34:41 +0000
Hey John, Definitely not common. I have done multiple configs with snort logging to remote MySQL DB's and have definitely gotten it working with very standard grant entries...! If you'd like me to send you a copy of the configs, and the steps I followed, let me know. Regards, Scott On 27/3/02 6:56 am, "John Sage" <jsage () finchhaven com> wrote:
Hello world.. Is it common to have to run MySQL skip-grant-tables to get away from myriad ERROR 1045 "Access denied for: 'user blah.host.host' (Using password = YES)" errors, trying to connect to a snort DB off on another box? I was trying to get my firewall box to do this: <snort.conf fragment> # output database: alert, mysql, user=blah dbname=snort host=sparky encoding=hex detail=full # </snort.conf fragment> to go and send the alerts off to another box for analysis. This is after _hours_ tweaking mysql's user and host tables with passwords and users and FQDN's and IP addresses, and "mysqladmin flush-privileges" and "flush-hosts" over and over again. So I threw up my hands and added skip-grant-tables to /etc/my.cnf and restarted mysqld and off we went, first try. Now that it works, I guess I don't care, but I was just wondering... - John
-- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort/ACID/MySQL John Sage (Mar 26)
- Re: snort/ACID/MySQL Dushyanth Harinath (Mar 26)
- Re: snort/ACID/MySQL John Sage (Mar 27)
- Re: snort/ACID/MySQL Scott Nursten (Mar 27)
- Re: snort/ACID/MySQL Dushyanth Harinath (Mar 26)