Snort mailing list archives
question regarding snort, acid, mysql, and redhat 7.3
From: "Bob Dixon" <bob.dixon () attbi com>
Date: Sat, 26 Oct 2002 20:56:16 -0400
Hello all, I'm trying to get snort working with mysql and acid. I think that I am following the directions to set this up, but apparently I am missing something (probably really simple). Snort works fine from a command line. Also, apache is up. But when I go to what should be my ACID page (http://10.0.0.2/acid/index.html), all I get is: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. I get the same result going to http://10.0.0.2/acidviewer/index.html). Any idea what might be wrong? I am trying to follow Steven Scott's guide, but I am obviously missing something here. Also, have 2 NIC's. Eth0 is 10.0.0.2 and eth1 is unnumbered. Snort seems to try and run on eth0, but I think it should be running on eth1. Is this correct? I am using the snortd script suggested by Steven in his pdf, and I have configured "INTERFACE=eth1 " in the script. However, /var/log/messages shows that snort is putting eth0 into promiscuous mode each time I run "snortd start". Does this sound correct? I have been trying to go over the details of this for several days to see if I have missed something simple, but I can't find out what I am doing wrong. If anyone here has any ideas, I would really appreciate it. Thanks for your time, -Bob BTW- Here are the versions of software that I am running. acid-0.9.6b22.tar.gz adodb231.tgz create_mysql gd-2.0.4.tar.gz MySQL-3.23.53a-1.i386.rpm MySQL-client-3.23.53a-1.i386.rpm MySQL-devel-3.23.53a-1.i386.rpm MySQL-shared-3.23.53a-1.i386.rpm Net_SSLeay.pm-1.20.tar.gz perl-Net_SSLeay.pm-1.05-3.i386.rpm php-4.1.2-7.3.4.i386.rpm phplot-4.4.6.tar.gz php-mysql-4.1.2-7.3.4.i386.rpm snort-1.9.0.tar.gz snortd snortrules-stable.tar.gz webmin-1.020-1.noarch.rpm ------------------------------------------------------- This SF.net email is sponsored by: ApacheCon, November 18-21 in Las Vegas (supported by COMDEX), the only Apache event to be fully supported by the ASF. http://www.apachecon.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- question regarding snort, acid, mysql, and redhat 7.3 Bob Dixon (Oct 26)