Snort mailing list archives
RE: Snortcenter2 and Rules update
From: John Hally <JHally () epnet com>
Date: Mon, 24 Jan 2005 09:40:07 -0500
Exactly what I did. I saw it in the tar, so I dropped my old db and ran that script to create the new one. I'll drop it and let SC2 create it. Thanks for the help! John. -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Trevor Benson Sent: Friday, January 21, 2005 6:42 PM To: Wes Young Cc: snort-users () lists sourceforge net Subject: RE: [Snort-users] Snortcenter2 and Rules update Does now ;). Didn't realize someone used the same name for a script in sc2, I just figured that was an outdated copy of the snort script in the sc2 tar. Good to know so I never try to use it. Trevor -----Original Message----- From: Wes Young [mailto:wcyoung () buffalo edu] Sent: Friday, January 21, 2005 2:13 PM To: Trevor Benson Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Snortcenter2 and Rules update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It doesnt do both db's... Just takes care of the SC2 DB when you first run SC2.. What I think she did was run the 'create_mysql' script that is laying around in the sc2 dir (jason, get rid of it ;-)) and created the SC2 db from that instead of letting the php scripts take care of it. There is a bug in that 'create_mysql' for sc2 db that brings up that error, but it was fixed with the code that set's up the db's via the website. make sense?? Trevor Benson wrote: | Ahh I see. I never knew anyone modded the mysql script to do both | databases. I will watch out for that. | | Thanks, | Trevor | | -----Original Message----- | From: Wes Young [mailto:wcyoung () buffalo edu] | Sent: Friday, January 21, 2005 1:44 PM | To: Trevor Benson | Cc: John Hally; snort-users () lists sourceforge net | Subject: Re: [Snort-users] Snortcenter2 and Rules update | | I was specifically referring to the SC2 db... not the snort db... | | there is a create_mysql in the snortcenter dir that is "supposed" to | create the SC2 db... but it doesnt seem to work right. You're better | off having the website create the db for you to avoid that error she | see's... | | Trevor Benson wrote: | | But that's not what I am getting at, the scripts create 2 DIFFERENT | | databases, so to finish installation you HAVE to use both the SC2 to | | create snortcenter database, and the create_mysql script from snort | | for the snort database. Or am I missing something big that changed | | in | sc2? | | | | Trevor | | | | -----Original Message----- | | From: Wes Young [mailto:wcyoung () buffalo edu] | | Sent: Friday, January 21, 2005 12:40 PM | | To: Trevor Benson | | Cc: John Hally; snort-users () lists sourceforge net | | Subject: Re: [Snort-users] Snortcenter2 and Rules update | | | | right, that was what i was getting at, there is an error if you try | | to | | | use the script, but if you let SC2 do it, it should work properly... | | | | Trevor Benson wrote: | | | Wes, | | | | | | If I remember right sc2 will create a snortcenter database, | | | where | | | | the mysql script is to specifically create the snort database | | | where logging occurs. | | | | | | Trevor | | | | | | -----Original Message----- | | | From: snort-users-admin () lists sourceforge net | | | [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Wes | | | Young | | | Sent: Friday, January 21, 2005 6:37 AM | | | To: John Hally | | | Cc: snort-users () lists sourceforge net | | | Subject: Re: [Snort-users] Snortcenter2 and Rules update | | | | | | Did you let SC2 create the db or did you do it via the mysql script? | | | | | | John Hally wrote: | | | | Hello All, | | | | | | | | | | | | | | | | I just got finished setting up Snortcenter2 and I get the | | | | following error when trying to update the rules from the internet. | | | | | Did I flub | | | | | | up the mysql tables during install or something? | | | | | | | | | | | | | | | | *Database ERROR:Database ERROR:*Unknown column 'byte_jump' in | | | | 'field | | | list' | | | | | | | | | | | | | | | | THANKS! | | | | | | | | | | -- | | | Wes Young | | | Network Security Analyst | | | University at Buffalo | | | GPG Key: | | | http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html | | | | ------------------------------------------------------- | | This SF.Net email is sponsored by: IntelliVIEW -- Interactive | | Reporting Tool for open source databases. Create drag-&-drop reports. | | Save time by over 75%! Publish reports on the web. Export to DOC, | | XLS, | RTF, etc. | | Download a FREE copy at http://www.intelliview.com/go/osdn_nl | | _______________________________________________ | | Snort-users mailing list | | Snort-users () lists sourceforge net | | Go to this URL to change user options or unsubscribe: | | https://lists.sourceforge.net/lists/listinfo/snort-users | | Snort-users list archive: | | http://www.geocrawler.com/redir-sf.php3?list=snort-users | | | | | | | | -- | | Wes Young | | Network Security Analyst | | University at Buffalo | | GPG Key: | | http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html | | -- | Wes Young | Network Security Analyst | University at Buffalo | GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html - -- Wes Young Network Security Analyst University at Buffalo GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) iD8DBQFB8X5gzLe0Tk6uDXYRAhauAKCkxJSOIZMTczo/FygEdNurVE/i6gCgsz7t sCJVoEaw3k1+pH0IE/NUo8s= =yJnm -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snortcenter2 and Rules update John Hally (Jan 20)
- Re: Snortcenter2 and Rules update Wes Young (Jan 21)
- <Possible follow-ups>
- RE: Snortcenter2 and Rules update Trevor Benson (Jan 21)
- Re: Snortcenter2 and Rules update Wes Young (Jan 21)
- RE: Snortcenter2 and Rules update Trevor Benson (Jan 21)
- Re: Snortcenter2 and Rules update Wes Young (Jan 21)
- RE: Snortcenter2 and Rules update Trevor Benson (Jan 21)
- Re: Snortcenter2 and Rules update Wes Young (Jan 21)
- RE: Snortcenter2 and Rules update Trevor Benson (Jan 21)
- RE: Snortcenter2 and Rules update John Hally (Jan 24)