Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Winsnort help needed!

From: "Michael Steele" <michaels () winsnort com>
Date: Thu, 14 Apr 2005 12:12:53 -0700
There are more configurations above what you are showing in the BASE config
file. Make sure you have setup the variable to select the appropriate
database.

Kindest regards, 
Michael...

WINSNORT.com Management Team Member
-- 
Pick up your FREE Windows or UNIX Snort installation guides       
mailto:support () winsnort com
Website: http://www.winsnort.com
Snort: Open Source Network IDS - http://www.snort.org




-----Original Message-----
From: Peter Rodger [mailto:prodger2008 () yahoo com]
Sent: Thursday, April 14, 2005 11:26 AM
To: michaels () winsnort com
Subject: RE: [Snort-users] Winsnort help needed!

Michael,

Thank you so much for the reply.

Please see below the snort.conf and base config:

Here is the snort.conf output config:


# database: log to a variety of databases
# ---------------------------------------
# See the README.database file for more information
about configuring
# and using this plugin.
#
# output database: log, mysql, user=root password=test
dbname=db host=localhost
# output database: alert, postgresql, user=snort
dbname=snort
# output database: log, odbc, user=snort dbname=snort
# output database: log, mssql, dbname=snort user=snort
password=test
output database: log, mssql, dbname=snort user=snort
password=10gg3r
output database: alert, mssql, dbname=snort user=snort
password=10gg3r
# output database: log, oracle, dbname=snort
user=snort password=test


Here is the base output config:


 *  output plugin configuration.
 */
$alert_dbname   = "snort";
$alert_host     = "localhost";
$alert_port     = "";
$alert_user     = "base";
$alert_password = "111111";

/* Archive DB connection parameters */
$archive_dbname   = "archive";
$archive_host     = "localhost";
$archive_port     = "";
$archive_user     = "base";
$archive_password = "111111";

Let me know what I did wrong.  I am so overwhelming
with it.

Thanks,

Peter

--- Michael Steele <michaels () winsnort com> wrote:


Make SURE you have selected the appropriate database
in the BASE config
file.

Kindest regards,
Michael...

WINSNORT.com Management Team Member
--
Pick up your FREE Windows or UNIX Snort installation
guides
mailto:support () winsnort com
Website: http://www.winsnort.com
Snort: Open Source Network IDS -
http://www.snort.org



-----Original Message-----
From: snort-users-admin () lists sourceforge net

[mailto:snort-users-

admin () lists sourceforge net] On Behalf Of Briggs,

Bruce

Sent: Thursday, April 14, 2005 9:09 AM
To: Peter Rodger
Cc: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Winsnort help needed!

Have you uncommented to appropriate output

database:  statement in

snort.conf?

-----Original Message-----
From: Peter Rodger [mailto:prodger2008 () yahoo com]
Sent: Thursday, April 14, 2005 10:06 AM
To: Briggs, Bruce
Cc: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Winsnort help needed!

Bruce,

Thanks for the reply.


Did you set up IIS with the Console virtual
directory and set
base_main.php as the only Default Document?



YES.

I really do not know what's wrong.  I followed the
exact steps as the Guide says.

If I do not have the slave sensors, I took out the
sensor_name=HOSTNAME in snort.conf.  Is this

right?


Thanks for the help and hope that anyone can point

me

to the right direction.

Peter


--- "Briggs, Bruce" <Bruce.Briggs () suny edu> wrote:

Did you set up IIS with the Console virtual
directory and set
base_main.php as the only Default Document?

Bruce

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]

On

Behalf Of Peter
Rodger
Sent: Wednesday, April 13, 2005 5:58 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Winsnort help needed!

Hi,

I followed the installation guide for Windows

2003

IIS6 winsnort by Michael E. Steele.

I am stuck in the Base Console.  When I do
http://localhost/console/, I got nothing on the
screen.  All previous steps are OK.

I really do not know what's wrong.  I only have

a

Master sensor and I did not use

sensor_name=HOSTNAME

in snort.conf as I do not have slave sensors.

Any help will be welcomed.

Thanks,

Peter



__________________________________
Do you Yahoo!?
Yahoo! Mail - Find what you need with new

enhanced

search.
http://info.mail.yahoo.com/mail_250








-------------------------------------------------------

SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT
Products from real users.
Discover which products truly live up to the

hype.

Start reading now.






http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:






https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:






http://www.geocrawler.com/redir-sf.php3?list=snort-users









-------------------------------------------------------

SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT
Products from real users.
Discover which products truly live up to the

hype.

Start reading now.


http://ads.osdn.com/?ad_ide95&alloc_id396&op=click

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:






https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:






http://www.geocrawler.com/redir-sf.php3?list=snort-users






__________________________________
Do you Yahoo!?
Yahoo! Small Business - Try our new resources

site!

http://smallbusiness.yahoo.com/resources/






-------------------------------------------------------

SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT

Products from real users.

Discover which products truly live up to the hype.

Start reading now.

http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or

unsubscribe:





https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:




http://www.geocrawler.com/redir-sf.php3?list=ort-users










-------------------------------------------------------

SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT
Products from real users.


=== message truncated ===





__________________________________
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/








-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: