Snort mailing list archives

RE: snort on nt 4.0

From: "Johnson, David" <DJohnson () IronMountain com>
Date: Wed, 29 Aug 2001 12:21:23 -0400

Go to http://www.silicondefense.com/techsupport/windows.htm and click on the
link to download "Snort 1.8.1 MySQL Binary" (The link is duplicated here:
http://www.silicondefense.com/software/win32/Support_1.8/Snort-1.8.1-win32-M
ySQL-static.zip )

You have downloaded the WIN32 version without MySQL support.

-----Original Message-----
From: Schmeits, Roger [mailto:schmeits () clarksoncollege edu]
Sent: Wednesday, August 29, 2001 8:16 AM
To: 'snort'; 'sansug'
Subject: [Snort-users] snort on nt 4.0


I am in the process of installing Snort 1.8 on a NT 4.0 server with MySQL.
What I have done so far:
installed WinPcap 2.2
windows installer
mysql 3.23.41 (installed and running)
snort 1.8.1
lastest snort rules
created db called snort usin create_mysql
edited snort.conf to include 
var HOME_NET xxx.xxx.xxx.0/24 #Class B address space
output database: log, mysql, user=snort password=snort dbname=snort
host=localhost

****
Please read errors at end of message.
Does snort 1.8 have support for mysql???
****

Any help would be greatly appreciated.  

Roger
*************************************************************************
This is the error I am receiving.................
C:\snort\bin>snort -c snort.conf -l c:\snort\logs
Log directory = c:\snort\logs

        --== Initializing Snort ==--
Checking PID path...

Initializing Network Interface \
Decoding Ethernet on interface \Device\Packet_NdisWan4
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
    Fragment timeout: 60 seconds
    Fragment memory cap: 4194304 bytes
Stream4 config:
    Stateful inspection: ACTIVE
    Session statistics: INACTIVE
    Session timeout: 30 seconds
    Session memory cap: 8388608 bytes
    State alerts: INACTIVE
    Scan alerts: ACTIVE
No arguments to stream4_reassemble, setting defaults:
     Reassemble client: ACTIVE
     Reassemble server: INACTIVE
     Reassemble ports: 21 23 25 53 80 143 110 111 513
     Reassembly alerts: ACTIVE
Back Orifice detection brute force: DISABLED
Using LOCAL time
database: compiled support for ( )
database: configured to use mysql
database: mysql support is not compiled in this copy

 Check your configuration file to be sure you did not mis-spell "mysql".
 If you did not, you will need to reconfigure and recompile ensuring that
 you have set the correct options to the configure script. Type
 "./configure --help" to see options for the configure script.

Fatal Error, Quitting..


****************************************************************************
***


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort on nt 4.0 Schmeits, Roger (Aug 29)
- Re: snort on nt 4.0 Joe McAlerney (Aug 29)
- <Possible follow-ups>
- RE: snort on nt 4.0 Johnson, David (Aug 29)
- RE: snort on nt 4.0 Dave Elfering (Aug 29)