Snort mailing list archives

RE: ACID & MySQL (Sensor)

From: "Michael Steele" <michaels () winsnort com>
Date: Mon, 15 Dec 2003 08:29:26 -0800
I thought we had this all ironed out...

Ok, 

1) Make SURE MySQL is running, and make SURE you can access port 3306

Note: To test the port connection; if this is a stand alone machine where
MySQL and Snort are on the same box, and MySQL is bound to localhost
(127.0.0.1) then from a command prompt type: telnet 127.0.0.1 3306 and you
should receive a response back with the version of MySQL you are running.

2) sensor_name will be used in the Acid console to let you know which sensor
the alert originated from. This is very handy if you have several slave
sensors directed to one database.

3) The Stop Sigh; Sometimes IIS fails to initialize correctly. Try
restarting IIS from the services. Make SURE you have all the latest patches
installed.

Kindest regards,

The WINSNORT.com Management Team
--
Pick up your FREE Windows or UNIX Snort installation guides      
mailto:support () winsnort com
Website: http://www.winsnort.com
Snort: Open Source Network IDS - http://www.snort.org

________________________________________
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of David Newsom
Sent: Friday, December 12, 2003 6:04 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] ACID & MySQL (Sensor)

Anyone,

Trying to do the windows iis with MYSQL and Snort running, when I try to run
snort now by the command given in the instructions (snort de c
c:\snort\etc\snort.conf l c:\snort\log i1)  It starts up but then I get
this error

ERROR: database: mysql_error: Can't connect to MySQL server on '3306'
(10060) Fatal Error, Quitting..

Also, couple of questions:  What should sensor_name be or what does it
represent?

Oh, on the IIS, for the Virtual Directory for Console, I have a icon STOP
SIGN represented.

Any help is must appreciated, or the right direction towards corrections.
Thanks



Here is a couple of lines before the error comes up.
*********************************************************
database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: password is set
database: database name = snort
database:          host = 127.0.0.1
database:          port = 3306
database:   sensor name = JeffersonLofts
database:     sensor id = 1
database: schema version = 106
database: using the "log" facility
database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: password is set
database: database name = snort
database:          host = 3306
database:   sensor name = JeffersonLofts
ERROR: database: mysql_error: Can't connect to MySQL server on '3306'
(10060) Fatal Error, Quitting..

David Newsom







-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:

ACID & MySQL (Sensor) David Newsom (Dec 15)
- RE: ACID & MySQL (Sensor) Michael Steele (Dec 15)
- <Possible follow-ups>
- RE: ACID & MySQL (Sensor) David Newsom (Dec 15)