Snort WIN32 (Logging to UNIX MySQL DB) error

["William D. Pool" <locutus () icephyre net>]

When, I Do test configuration this is what I get.   I've been to Silicon
Defense, but the docs all cover installing a full blown IDS system.

I'm interested in two things:

How to Install Snort with MySQL support
Have Snort log to the UNIX DB.

Are there any docs or instructions for doing this simple task?

I got the UNIX part figured out, I'm not familar with the Microsoft stuff.
Any advice / steps / procedures would be appricated.


William D. Pool
www.icephyre.net
_____________________________________________
GPG Public ID: EE3D7A83                      |
PGP6 Public ID: 065DEF8B
----------------------------------------------
"Reality, is only fiction put into production"

---------- Forwarded message ----------
Date: Fri, 18 Jan 2002 10:06:05 -0600 (CST)
From: William D. Pool <locutus () icephyre net>
To: Michael Steele <michaels () silicondefense com>
Subject: RE: [Snort-users] Snort 183 Windows Binary (Flex+MySQL Support)

Okay, I'm getting another error it is:

WARNING: command line overrides rules file alert plugin
ERROR: Unable to open rules file: classification.config or
./classification.config

Fatal Error, Quitting..


The file is there and is read/writeable.  Other ideas?

This might sound dumb, but isn't there a way to just have the directory
have everything i Need for 2K and just run snort.exe ?

Thanks,


William D. Pool
www.icephyre.net
_____________________________________________
GPG Public ID: EE3D7A83                      |
PGP6 Public ID: 065DEF8B
----------------------------------------------
"Reality, is only fiction put into production"

On Wed, 16 Jan 2002, Michael Steele wrote:

> William,
>
> Remove the entire install of Snort and manually install each package. Be
> absolutely sure that you have removed all of WinPcap prior to installing
> the latest release, not the BETA! Check our site out for the complete
> installation instructions for Windows.
>
> -Mike
>
> Commercial Snort Support <<->> 1.866.41.SNORT
>   Silicon Defense - www.silicondefense.com
>     Home of the new SENTRUS Snort sensor!
>   Michael Steele - Snort Support Technician
>
>
> -----Original Message-----
> From: snort-users-admin () lists sourceforge net
> [mailto:snort-users-admin () lists sourceforge net] On Behalf Of William D.
> Pool
> Sent: Wednesday, January 16, 2002 9:39 AM
> To: snort-users () lists sourceforge net
> Subject: [Snort-users] Snort 183 Windows Binary (Flex+MySQL Support)
>
>
> I've downloaded the Windows binary for Snort 1.8.3 that includes Flexrp
> and MySQL support.
>
> I configure everything the way It's supposed to (or believe for this
> program), but get the following error.
>
> If anyone knows how to get past this I'd greatly appricate the knowlege.
> Thanks.
>
> |> IDScenter test console <|
> --Press ENTER after checking Snorts output --
> Log directory = log
>
> Initializing Network Interface \
> ERROR: OpenPcap<> FSM compilation failed:
>       Syntax error
> PCAPM command: Files\Sourcefire\Snort\snort.conf -l C:\Program
> Files\Sourcefire\Snort -A full -h any
> Fatal Error, Quitting..
>
>
> William D. Pool
> www.icephyre.net
> _____________________________________________
> GPG Public ID: EE3D7A83                            |
> PGP6 Public ID: 065DEF8B
> ----------------------------------------------
> "Reality, is only fiction put into production"
>
>
>
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users