Snort mailing list archives

RE: snort on nt 4.0

From: Dave Elfering <elfering () wernerlogistics com>
Date: Wed, 29 Aug 2001 13:55:03 -0500

ACID runs via PHP. As long you've installed PHP on your box, it will run the
same as it does under Unix.

-----Original Message-----
From: Keller, Dennis A (DDSP) [mailto:dkeller () ddc dla mil]
Sent: Wednesday, August 29, 2001 9:52 AM
To: 'Joe McAlerney'; Schmeits, Roger
Cc: 'snort'; 'sansug'
Subject: RE: [Snort-users] snort on nt 4.0

While were on the subject, where can I get ACID for NT?  I've got snort on
NT and it's working fine but I can't find ACID for my management station.

Regards,
Dennis Keller
Network Security Administrator
DDSP
email: dkeller () ddc dla mil
Phone: 717-770-7766
  DSN: 977-7766
 Cell: 717-979-2716
Pager: 717-231-1960  

-----Original Message-----
From: Joe McAlerney [mailto:joey () SiliconDefense com]
Sent: Wednesday, August 29, 2001 12:22 PM
To: Schmeits, Roger
Cc: 'snort'; 'sansug'
Subject: Re: [Snort-users] snort on nt 4.0

Hello Roger,

Make sure you are using a binary with MySQL support compiled in.  You
can pull the CVS tree and build one yourself, or use a precompiled
copy.  We have them available at:
http://www.silicondefense.com/techsupport/windows.htm

HTH,

-Joe M.

-- 
|   Joe McAlerney     joey () silicondefense com   |
| Silicon Defense - Technical Support for Snort |
|       http://www.silicondefense.com/          |
+--                                           --+

"Schmeits, Roger" wrote:


I am in the process of installing Snort 1.8 on a NT 4.0 server with MySQL.
What I have done so far:
installed WinPcap 2.2
windows installer
mysql 3.23.41 (installed and running)
snort 1.8.1
lastest snort rules
created db called snort usin create_mysql
edited snort.conf to include
var HOME_NET xxx.xxx.xxx.0/24 #Class B address space
output database: log, mysql, user=snort password=snort dbname=snort
host=localhost

****
Please read errors at end of message.
Does snort 1.8 have support for mysql???
****

Any help would be greatly appreciated.

Roger
*************************************************************************
This is the error I am receiving.................
C:\snort\bin>snort -c snort.conf -l c:\snort\logs
Log directory = c:\snort\logs

        --== Initializing Snort ==--
Checking PID path...

Initializing Network Interface \
Decoding Ethernet on interface \Device\Packet_NdisWan4
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
    Fragment timeout: 60 seconds
    Fragment memory cap: 4194304 bytes
Stream4 config:
    Stateful inspection: ACTIVE
    Session statistics: INACTIVE
    Session timeout: 30 seconds
    Session memory cap: 8388608 bytes
    State alerts: INACTIVE
    Scan alerts: ACTIVE
No arguments to stream4_reassemble, setting defaults:
     Reassemble client: ACTIVE
     Reassemble server: INACTIVE
     Reassemble ports: 21 23 25 53 80 143 110 111 513
     Reassembly alerts: ACTIVE
Back Orifice detection brute force: DISABLED
Using LOCAL time
database: compiled support for ( )
database: configured to use mysql
database: mysql support is not compiled in this copy

 Check your configuration file to be sure you did not mis-spell "mysql".
 If you did not, you will need to reconfigure and recompile ensuring that
 you have set the correct options to the configure script. Type
 "./configure --help" to see options for the configure script.

Fatal Error, Quitting..

****************************************************************************

***

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort on nt 4.0 Schmeits, Roger (Aug 29)
- Re: snort on nt 4.0 Joe McAlerney (Aug 29)
- <Possible follow-ups>
- RE: snort on nt 4.0 Johnson, David (Aug 29)
- RE: snort on nt 4.0 Dave Elfering (Aug 29)