RE: Mysql 101 (ACID config)

["Maarten Hartsuijker" <maarten () hartsuijker com>]

Hi Edward,

A new version of snort is almost always accompanied by a new mysql database
schema. In your case, you need to start using schema 1.06 in stead of 1.05.
If your old snort data is not that important to you, you could drop your
current database and start from scratch. If you like to keep a bit of
history, you could also create a new database (ie. snort19) and a new acid
document root (ie. acid19) and keep the old ones in tact for accessing old
data.

Anyway, here are some steps you can use for installing a new snort database:
1. Have mysql up and running
2. log in as root and create a snort19 database (create database snort19;)
3. cd snort-1.9.0
4. create tables: mysql -u root -h localhost -D snort19 -p <
./contrib/create_mysql
5. create add. tables: zcat ./contrib/snortdb-extra.gz | mysql -u root -D
snort19 -h localhost -p
6. give your snort user sufficient rights (if you are lazy: grant INSERT,
SELECT, DELETE, UPDATE on snort.* to snort19@localhost;)
7. give the user a password: UPDATE user SET
Password=PASSWORD('Mysqlsnortpw') WHERE user='snort19'; FLUSH PRIVILEGES;

Now you can install acid, add the user and database to the configuration,
edit DBlib_path, Chartlib_path and portscan file. Then create the acid alert
groups. Next add the user to snort.conf. Start snort, start your webserver
and you are back in business.

maarten






-------------------------------------------------------
This sf.net email is sponsored by:
Access Your PC Securely with GoToMyPC. Try Free Now
https://www.gotomypc.com/s/OSND/DD
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users