Snort mailing list archives
RE: Access denied for user: '@192.168.0.1' -SNORT-
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Mon, 10 Feb 2003 18:16:53 -0600
mysql> SHOW DATABASE
->
xxxx
The -> is telling you that the command isn't finished. You need a
semi-colon. Also, it's DATABASE*S*, not DATABASE.
mysql> show DATABASES;
+---------------------+
| Database |
+---------------------+
| mysql |
| snort |
| snort_archive_FEB03 |
+---------------------+
3 rows in set (0.00 sec)
What is "SHOW GRANTS"? The proper command is "SHOW GRANTS for
xxx$hostname", for example:
mysql> SHOW GRANTS FOR root@localhost
-> ;
+-----------------------------------------------------------------------
----------------------------------------+
| Grants for root@localhost
|
+-----------------------------------------------------------------------
----------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY
PASSWORD 'xxxxxxxx' WITH GRANT OPTION |
+-----------------------------------------------------------------------
----------------------------------------+
1 row in set (0.01 sec)
There is an excellent online manual at
http://www.mysql.com/doc/en/index.html.
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/~pauls/
AVIEN Founding Member
-----Original Message-----
From: mike Hughes [mailto:mikehughes013 () hotmail com]
Sent: Monday, February 10, 2003 5:28 PM
To: Snort-users () lists sourceforge net
Subject: Re: [Snort-users] Access denied for user: '@192.168.0.1'
-SNORT-
Ok from my "windows machine (management)" i ran these commands and here
is
the output:
C:\mysql\bin>mysql -u sensor1 -p snort
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 3.23.55-nt
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> SHOW DATABASE
->
mysql> SHOW GRANTS
->
This shouldnt be like this im guessing? ;( HOw can i fix this?
From: "Kenneth G. Arnold" <bkarnold () cbu edu> To: Snort-users () lists sourceforge net Subject: Re: [Snort-users] Access denied for user: '@192.168.0.1' -SNORT- Date: Mon, 10 Feb 2003 15:38:35 -0600 It looks like the host where this snort process is trying to run does not have write access to the mysql database located at 192.168.0.69
connecting
as user sensor1. Is 192.168.0.1 the host where snort is actually
running?
I am confused as to why the error message doesn't mention user sensor1@192.168.0.1 if that is the case. There doesn't appear to be a
user
specified in the error message yet the log shows that it knows the user
is
sensor1. Anyway, you need to make sure that the MySQL database has
write
permission for user sensor1 connecting from 192.168.0.1 (or wherever
your
snort machine is located). Page 19 of the Snort Installation Manual
for
Snort, MySQL and ACID on Redhat 7.3 describes how to do this for a user
snort from both the localhost and from all hosts. I would recommend
that
you only allow access from the specific hosts that need it. That documentation is located at http://www.snort.org/docs/snort-rh7-mysql-ACID-1-5.pdf Ken At 12:46 PM 2/10/03 -0800, mike Hughes wrote:Whats up guys...i am folowing this as my refernce: http://www.sans.org/rr/intrusion/practical_guide.php Im on the second to last step and am stuck and cant figure it out...Im
a noob to mysql tooo im getting this error: database: mysql_error: Access denied for user: '@192.168.0.1' to
database
'snort' Fatal Error, Quitting..------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 10)
- <Possible follow-ups>
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- twig les (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Schmehl, Paul L (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- twig les (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- Michael Steele (Feb 10)
- ACID - Which Database? Yaakov Yehudi (Feb 11)
- Re: ACID - Which Database? Ken Gunderson (Feb 11)
- Re: ACID - Which Database? Paul B. Poh (Feb 11)
- Re: ACID - Which Database? Yaakov Yehudi (Feb 12)