RE: Access denied for user: '@192.168.0.1' -SNORT-

["Michael Steele" <michaels () silicondefense com>]

Kenneth,

I got confused. He has got too much going on and it looks like it's his
first install. The best thing to do is not to try to get these all connected
and logging. There are just to may variables to consider for someone new to
doing this.

Stop and get the main sensor logging alerts then connect and slave sensors
to the master console.

 -Michael

 Michael Steele | System Engineer / Support Technician
 mailto:michaels () silicondefense com
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Kenneth G.
Arnold
Sent: Monday, February 10, 2003 6:36 PM
To: mike Hughes
Cc: Snort-users () lists sourceforge net
Subject: Re: [Snort-users] Access denied for user: '@192.168.0.1' -SNORT- 

OK now I am really confused.  You say that the eth0 interface of the linux
machine is connected to the internet, not the local LAN and that it has an
IP address of 142.178.22.12.  You say that the eth1 interface is connected
to the local LAN with an IP address of 192.168.0.1.  Then you say that
when you connect to the linux machine from the Windows machine you are
logging into the eth0 interface of 142.178.22.12.  Why aren't you logging
into the eth1 interface of 192.168.0.1? Isn't this your network?


Windows                             Linux


192.168.0.69 <----LAN--> 192.168.0.1<- -> 142.178.22.12<-Internet

MySQL,ACID, etc.         eth1        Snort     eth0

Ken

On Mon, 10 Feb 2003, mike Hughes wrote:

> HERE IS MY SETUP SOO you guys can see what im trying to do better:
>
> --192.168.0.69
> Windows mahine running myql,acid,activeworkx ids (managment machine)--
>
> --192.168.0.1
> This is my LAN inetrface on my Linux Machine eth1 GATEWAY for my LAN--
>
> --142.178.22.12
> This is my eth0 on my linux machine the interface conencted to the
> internet--
>
> I have not set anyhitng on MYSQL on my LINUX machine i just installed the
> all the RPMS like the reference said--
>
>
> Ok here is the output of the mysql commands on my windows
> machine(192.168.0.69)
>
> mysql> SHOW DATABASES;
> +----------+
> | Database |
> +----------+
> | mysql    |
> | snort    |
> | test     |
> +----------+
> 3 rows in set (0.00 sec)
>
> mysql> SHOW GRANTS FOR root@localhost
>    -> ;
> +---------------------------------------------------------------------+
> | Grants for root@localhost                                           |
> +---------------------------------------------------------------------+
> | GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
> +---------------------------------------------------------------------+
> 1 row in set (0.00 sec)
>
> mysql> SHOW GRANTS FOR sensor1@192.168.0.1
>    -> ;
+---------------------------------------------------------------------------
----
> -------+
> | Grants for sensor1@192.168.0.1
>       |
+---------------------------------------------------------------------------
----
> -------+
> | GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `snort`.* TO
> 'sensor1'@'192.16
> 8.0.1' |
+---------------------------------------------------------------------------
----
> -------+
> 1 row in set (0.00 sec)
>
> mysql>
>
> Ok when i connect to the linux using PUUTY from my management machine
> windows (192.168.0.69) using putty port 22 I log on to eth0 on my linux
> machine(142.178.22.12) as root then running this command:
>
> snort-mysql+flexresp -v -c /etc/snort/snort.conf
>
> I get this error:
>
>
> database: mysql_error: Can't connect to MySQL server on '192.168.0.69'
(110)
> Fatal Error, Quitting..
>
> Can you see whats wrong yet? with my settings?
> Soo i hope that clears things up for you too see what im trying to do!
> Thanks for you help guys!;)
>
>
>
>
>
> _________________________________________________________________
> The new MSN 8: smart spam protection and 2 months FREE*
> http://join.msn.com/?page=features/junkmail
>
>
>
> -------------------------------------------------------
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
> http://www.vasoftware.com
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users