Snort mailing list archives
RE: Access denied for user: '@192.168.0.1' -SNORT-
From: "Michael Steele" <michaels () silicondefense com>
Date: Mon, 10 Feb 2003 23:17:59 -0800
Kenneth, I got confused. He has got too much going on and it looks like it's his first install. The best thing to do is not to try to get these all connected and logging. There are just to may variables to consider for someone new to doing this. Stop and get the main sensor logging alerts then connect and slave sensors to the master console. -Michael Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Kenneth G. Arnold Sent: Monday, February 10, 2003 6:36 PM To: mike Hughes Cc: Snort-users () lists sourceforge net Subject: Re: [Snort-users] Access denied for user: '@192.168.0.1' -SNORT- OK now I am really confused. You say that the eth0 interface of the linux machine is connected to the internet, not the local LAN and that it has an IP address of 142.178.22.12. You say that the eth1 interface is connected to the local LAN with an IP address of 192.168.0.1. Then you say that when you connect to the linux machine from the Windows machine you are logging into the eth0 interface of 142.178.22.12. Why aren't you logging into the eth1 interface of 192.168.0.1? Isn't this your network? Windows Linux 192.168.0.69 <----LAN--> 192.168.0.1<- -> 142.178.22.12<-Internet MySQL,ACID, etc. eth1 Snort eth0 Ken On Mon, 10 Feb 2003, mike Hughes wrote:
HERE IS MY SETUP SOO you guys can see what im trying to do better: --192.168.0.69 Windows mahine running myql,acid,activeworkx ids (managment machine)-- --192.168.0.1 This is my LAN inetrface on my Linux Machine eth1 GATEWAY for my LAN-- --142.178.22.12 This is my eth0 on my linux machine the interface conencted to the internet-- I have not set anyhitng on MYSQL on my LINUX machine i just installed the all the RPMS like the reference said-- Ok here is the output of the mysql commands on my windows machine(192.168.0.69) mysql> SHOW DATABASES; +----------+ | Database | +----------+ | mysql | | snort | | test | +----------+ 3 rows in set (0.00 sec) mysql> SHOW GRANTS FOR root@localhost -> ; +---------------------------------------------------------------------+ | Grants for root@localhost | +---------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION | +---------------------------------------------------------------------+ 1 row in set (0.00 sec) mysql> SHOW GRANTS FOR sensor1@192.168.0.1 -> ;
+--------------------------------------------------------------------------- ----
-------+ | Grants for sensor1@192.168.0.1 |
+--------------------------------------------------------------------------- ----
-------+ | GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `snort`.* TO 'sensor1'@'192.16 8.0.1' |
+--------------------------------------------------------------------------- ----
-------+ 1 row in set (0.00 sec) mysql> Ok when i connect to the linux using PUUTY from my management machine windows (192.168.0.69) using putty port 22 I log on to eth0 on my linux machine(142.178.22.12) as root then running this command: snort-mysql+flexresp -v -c /etc/snort/snort.conf I get this error: database: mysql_error: Can't connect to MySQL server on '192.168.0.69'
(110)
Fatal Error, Quitting.. Can you see whats wrong yet? with my settings? Soo i hope that clears things up for you too see what im trying to do! Thanks for you help guys!;) _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 10)
- <Possible follow-ups>
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- twig les (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Schmehl, Paul L (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- twig les (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Michael Steele (Feb 10)
- ACID - Which Database? Yaakov Yehudi (Feb 11)
- Re: ACID - Which Database? Ken Gunderson (Feb 11)
- Re: ACID - Which Database? Paul B. Poh (Feb 11)
- Re: ACID - Which Database? Yaakov Yehudi (Feb 12)