Snort mailing list archives

Re: Access denied for user: '@192.168.0.1' -SNORT-

From: "mike Hughes" <mikehughes013 () hotmail com>
Date: Mon, 10 Feb 2003 22:37:04 -0800

Hey Guys...

Alright i used PUTY from my windows machine logged on to 192.168.0.1 ranthis command:


snort-mysql+flexresp v c /etc/snort/snort.conf

I didnt get an error message it started to show TRAFFIC like this:

02/10-19:39:24.242446 64.4.8.250:80 -> 148.59.13.124:2471

TCP TTL:51 TOS:0x28 ID:17146 IpLen:20 DgmLen:576 ***A**** Seq:0xD2048DE9 Ack: 0x443B250E Win: 0x4470 TcpLen: 32 TCP Options (12) => NOPNOP NOP NOP NOP NOP NOP NOP NOP NOP NOP NOP

I had the database waiting for my eth0 internet interface instead of my LANon sensor1@192.168.0.1 i had it like sensor1@172.142.64.11 my internet ipaddy.

Soo now FROM MY WINDOWS machine i ran this command too see if it was logginganything to my adatabase : ! but it wasnt ! ...


mysql -u snort -p
Enter password:

use snort;

select count(*) from event;
+----------+
| count(*) |
+----------+
|     0    |
+----------+
1 row in set (0.00 sec)

But shouldnt there be alerts in there soo its not logging to my WINDOWSdatabase yet...Sooo what can i try from here to LOG to my DATABASE any ideahow to DEBUG from here:


Thanks GUYS...;)











_________________________________________________________________

STOP MORE SPAM with the new MSN 8 and get 2 months FREE*http://join.msn.com/?page=features/junkmail




-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Re: Access denied for user: '@192.168.0.1' -SNORT-, (continued)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
  - Re: Access denied for user: '@192.168.0.1' -SNORT- twig les (Feb 10)
  - Re: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 10)
    - RE: Access denied for user: '@192.168.0.1' -SNORT- Michael Steele (Feb 10)
    - ACID - Which Database? Yaakov Yehudi (Feb 11)
    - Re: ACID - Which Database? Ken Gunderson (Feb 11)
    - Re: ACID - Which Database? Paul B. Poh (Feb 11)
    - Re: ACID - Which Database? Yaakov Yehudi (Feb 12)
- RE: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 10)
- RE: Access denied for user: '@192.168.0.1' -SNORT- L. Christopher Luther (Feb 11)
- RE: Access denied for user: '@192.168.0.1' -SNORT- L. Christopher Luther (Feb 11)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 11)
- RE: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 11)
  - RE: Access denied for user: '@192.168.0.1' -SNORT- Kenneth G. Arnold (Feb 11)
  - Re: RE: Access denied for user: '@192.168.0.1' -SNORT- Erek Adams (Feb 11)
- RE: Access denied for user: '@192.168.0.1' -SNORT- L. Christopher Luther (Feb 11)
  - RE: Access denied for user: '@192.168.0.1' -SNORT- Erek Adams (Feb 12)
- RE: Access denied for user: '@192.168.0.1' -SNORT- L. Christopher Luther (Feb 11)
- Re: Access denied for user: '@192.168.0.1' -SNORT- mike Hughes (Feb 12)