Snort mailing list archives
RE: snort on nt 4.0
From: Dave Elfering <elfering () wernerlogistics com>
Date: Wed, 29 Aug 2001 13:55:03 -0500
ACID runs via PHP. As long you've installed PHP on your box, it will run the same as it does under Unix. -----Original Message----- From: Keller, Dennis A (DDSP) [mailto:dkeller () ddc dla mil] Sent: Wednesday, August 29, 2001 9:52 AM To: 'Joe McAlerney'; Schmeits, Roger Cc: 'snort'; 'sansug' Subject: RE: [Snort-users] snort on nt 4.0 While were on the subject, where can I get ACID for NT? I've got snort on NT and it's working fine but I can't find ACID for my management station. Regards, Dennis Keller Network Security Administrator DDSP email: dkeller () ddc dla mil Phone: 717-770-7766 DSN: 977-7766 Cell: 717-979-2716 Pager: 717-231-1960 -----Original Message----- From: Joe McAlerney [mailto:joey () SiliconDefense com] Sent: Wednesday, August 29, 2001 12:22 PM To: Schmeits, Roger Cc: 'snort'; 'sansug' Subject: Re: [Snort-users] snort on nt 4.0 Hello Roger, Make sure you are using a binary with MySQL support compiled in. You can pull the CVS tree and build one yourself, or use a precompiled copy. We have them available at: http://www.silicondefense.com/techsupport/windows.htm HTH, -Joe M. -- | Joe McAlerney joey () silicondefense com | | Silicon Defense - Technical Support for Snort | | http://www.silicondefense.com/ | +-- --+ "Schmeits, Roger" wrote:
I am in the process of installing Snort 1.8 on a NT 4.0 server with MySQL. What I have done so far: installed WinPcap 2.2 windows installer mysql 3.23.41 (installed and running) snort 1.8.1 lastest snort rules created db called snort usin create_mysql edited snort.conf to include var HOME_NET xxx.xxx.xxx.0/24 #Class B address space output database: log, mysql, user=snort password=snort dbname=snort host=localhost **** Please read errors at end of message. Does snort 1.8 have support for mysql??? **** Any help would be greatly appreciated. Roger ************************************************************************* This is the error I am receiving................. C:\snort\bin>snort -c snort.conf -l c:\snort\logs Log directory = c:\snort\logs --== Initializing Snort ==-- Checking PID path... Initializing Network Interface \ Decoding Ethernet on interface \Device\Packet_NdisWan4 Initializing Preprocessors! Initializing Plug-ins! Initializating Output Plugins! Parsing Rules file snort.conf +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... No arguments to frag2 directive, setting defaults to: Fragment timeout: 60 seconds Fragment memory cap: 4194304 bytes Stream4 config: Stateful inspection: ACTIVE Session statistics: INACTIVE Session timeout: 30 seconds Session memory cap: 8388608 bytes State alerts: INACTIVE Scan alerts: ACTIVE No arguments to stream4_reassemble, setting defaults: Reassemble client: ACTIVE Reassemble server: INACTIVE Reassemble ports: 21 23 25 53 80 143 110 111 513 Reassembly alerts: ACTIVE Back Orifice detection brute force: DISABLED Using LOCAL time database: compiled support for ( ) database: configured to use mysql database: mysql support is not compiled in this copy Check your configuration file to be sure you did not mis-spell "mysql". If you did not, you will need to reconfigure and recompile ensuring that you have set the correct options to the configure script. Type "./configure --help" to see options for the configure script. Fatal Error, Quitting..
****************************************************************************
*** _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort on nt 4.0 Schmeits, Roger (Aug 29)
- Re: snort on nt 4.0 Joe McAlerney (Aug 29)
- <Possible follow-ups>
- RE: snort on nt 4.0 Johnson, David (Aug 29)
- RE: snort on nt 4.0 Dave Elfering (Aug 29)