Snort mailing list archives
Re: Snort-users digest, Vol 1 #3257 - 5 msgs
From: Don Cook <deathstar_dood () earthlink net>
Date: Fri, 13 Jun 2003 05:54:56 -0400 (EDT)
-------Original Message------- From: snort-users-request () lists sourceforge net Sent: 06/13/03 01:25 AM To: snort-users () lists sourceforge net Subject: Snort-users digest, Vol 1 #3257 - 5 msgs
Send Snort-users mailing list submissions to
snort-users () lists sourceforge net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/snort-users
or, via email, send a message with subject or body 'help' to
snort-users-request () lists sourceforge net
You can reach the person managing the list at
snort-users-admin () lists sourceforge net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Snort-users digest..."
Today's Topics:
1. JPGRAPH/ACID/$ChartLib_path ???? (Tim)
2. Re: Snort 2.0.0, OpenBSD3.3, Netgear EN104TP (Gus Faulk)
3. RE: JPGRAPH/ACID/$ChartLib_path ???? (D@7@K|N&)
4. RE: JPGRAPH/ACID/$ChartLib_path ???? (Michael Steele)
5. Re: JPGRAPH/ACID/$ChartLib_path ???? (Roy S. Rapoport)
--__--__--
Message: 1
From: "Tim" <twrodriguez () earthlink net>
To: "Snort-list" <snort-users () lists sourceforge net>
Date: Thu, 12 Jun 2003 23:13:26 -0400
Subject: [Snort-users] JPGRAPH/ACID/$ChartLib_path ????
This is a multi-part message in MIME format.
------=_NextPart_000_0009_01C33138.3A436210
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Folks,
I'm at a loss here. I have installed ACID, Snort, MySQL, JPGraph etc., =
etc., and all necessary files necessary for me to view graphs within my =
ACID console.=20
Everything is working fine, with the exception of being able to graph =
the alerts in ACID. I have followed all the documentation to no avail =
yet. According to what I have read, once all necessary and updated =
versions of the necessary programs/files are installed all that is =
needed is to change the $ChartLib_path to reflect the jpgraph =
directories ( $ChartLib_path=3D"../jpgraph/src"; ) in the acid_conf.php =
file in the ACID directory.
Even though I have done this all I get is ASCII text where the graph is =
supposed to show up. Ok, what could I be doing wrong. Supposedly the =
jpgraph.php file does not need much, if any, editing. I left the cache =
settings at their defaults, which is what looks like the only thing that =
would need editing and maybe the path to where GD is supposed to be, =
which I also left at its default.=20
Could anyone shed any light....I'm totally in the dark with this one. =
I'm exhausted from searching google and all the archives out there.
The help will be gratefully appreciated.
Tim -- Mia/Fla
------=_NextPart_000_0009_01C33138.3A436210
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1106" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV>
<DIV><FONT face=3DArial size=3D2>Folks,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I'm at a loss here. I have installed =
ACID, Snort,=20
MySQL, JPGraph etc., etc., and all necessary files necessary for me to =
view=20
graphs within my ACID console. </FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Everything is working fine, with the =
exception of=20
being able to graph the alerts in ACID. I have followed all the =
documentation to=20
no avail yet. According to what I have read, once all necessary and =
updated=20
versions of the necessary programs/files are installed all that is =
needed is to=20
change the $ChartLib_path to reflect the jpgraph directories (=20
$ChartLib_path=3D"../jpgraph/src"; ) in the acid_conf.php file in the =
ACID=20
directory.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Even though I have done this all I get =
is ASCII=20
text where the graph is supposed to show up. Ok, what could I be doing =
wrong.=20
Supposedly the jpgraph.php file does not need much, if any, editing. I =
left the=20
cache settings at their defaults, which is what looks like the only =
thing that=20
would need editing and maybe the path to where GD is supposed to be, =
which I=20
also left at its default. </FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Could anyone shed any light....I'm =
totally in the=20
dark with this one. I'm exhausted from searching google and all the =
archives out there.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>The help will be gratefully=20
appreciated.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Tim -- =
Mia/Fla</FONT></DIV></DIV></BODY></HTML>
Tim, There is a great guide on the Snort.org site now, that walks you through installation of PHP, JPGRAPH, the GD
packages, and teh apache server, and ties it in nicely with Linux 9 and Snort 2.0. I had the same issue you did when I
did not follow the guide; it has something to do with the GD package on Linux 9 not installing where the PHP and
JPGRAPH packages expect them to be. Following the guide takes longer, as it is all manual, but it works like a charm. dc
------=_NextPart_000_0009_01C33138.3A436210--
--__--__--
Message: 2
From: "Gus Faulk" <glfaulk () cox net>
To: <snort-users () lists sourceforge net>,
"Matt Kettler" <mkettler () evi-inc com>
Subject: Re: [Snort-users] Snort 2.0.0, OpenBSD3.3, Netgear EN104TP
Date: Fri, 13 Jun 2003 00:03:58 -0400
When I ran tcpdump it was seeing all traffic. The problem was in the
snort.conf. My rules were not set up properly.
----- Original Message -----
From: "Matt Kettler" <mkettler () evi-inc com>
To: "Gus Faulk" <glfaulk () cox net>; <snort-users () lists sourceforge net>
Sent: Wednesday, June 11, 2003 8:33 PM
Subject: Re: [Snort-users] Snort 2.0.0, OpenBSD3.3, Netgear EN104TP
At 07:51 PM 6/11/2003 -0400, Gus Faulk wrote:Snort is not logging anything from the cable modem. I have a remote
shell
that I have used to do nmap scans and it is not picking up anything. I have a link light on the stealth nic
and
it is getting traffic.My first question. Have you tried tcpdump? If tcpdump sees it, snort should see it. If tcpdump doesn't see it,
snort
won't. If traffic is coming in and visible to tcpdump, and snort isn't alerting when it should, check your configuration of snort.conf and make sure it really should be alerting for the IP combinations specified. Carefuly
check
over your external and home net declarations, and what rule files you
have
included. Check the rule files themselves.. which rules do you expect your nmap
scan
to trigger? (note this will varry a LOT depending on what kind of scan
you
run with nmap, and some kinds of nmap scan may not generate any alerts
at all)
--__--__--
Message: 3
Reply-To: <dataking () cox net>
From: "D@7@K|N&" <dataking () cox net>
To: "'Snort-list'" <snort-users () lists sourceforge net>
Subject: RE: [Snort-users] JPGRAPH/ACID/$ChartLib_path ????
Date: Thu, 12 Jun 2003 21:10:04 -0700
Organization: D@7@K|N&
This is a multi-part message in MIME format.
------=_NextPart_000_002E_01C33126.FEAAA3A0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
I think that the problem you are having is that your httpd isn't parsing
the php pages right. I'm not too familiar with ACID yet, but if it runs
on the default Apache, then you might have a version conflict. If
you're running Apache 2.0 or later, there are known compatibility issues
with php4. Every recommendation I have seen is to downgrade to Apache
1.3 and then install php4. I would imagine that things should do better
then. I haven't actually tried this to solve the problem, but I have
experienced the same problem with other php stuff (i.e. forums).
Good luck.
tH3_D@7@K|N&
-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Tim
Sent: Thursday, June 12, 2003 8:13 PM
To: Snort-list
Subject: [Snort-users] JPGRAPH/ACID/$ChartLib_path ????
Folks,
I'm at a loss here. I have installed ACID, Snort, MySQL, JPGraph etc.,
etc., and all necessary files necessary for me to view graphs within my
ACID console.
Everything is working fine, with the exception of being able to graph
the alerts in ACID. I have followed all the documentation to no avail
yet. According to what I have read, once all necessary and updated
versions of the necessary programs/files are installed all that is
needed is to change the $ChartLib_path to reflect the jpgraph
directories ( $ChartLib_path="../jpgraph/src"; ) in the acid_conf.php
file in the ACID directory.
Even though I have done this all I get is ASCII text where the graph is
supposed to show up. Ok, what could I be doing wrong. Supposedly the
jpgraph.php file does not need much, if any, editing. I left the cache
settings at their defaults, which is what looks like the only thing that
would need editing and maybe the path to where GD is supposed to be,
which I also left at its default.
Could anyone shed any light....I'm totally in the dark with this one.
I'm exhausted from searching google and all the archives out there.
The help will be gratefully appreciated.
Tim -- Mia/Fla
------=_NextPart_000_002E_01C33126.FEAAA3A0
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40";>
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DProgId content=3DWord.Document>
<meta name=3DGenerator content=3D"Microsoft Word 10">
<meta name=3DOriginator content=3D"Microsoft Word 10">
<link rel=3DFile-List href=3D"cid:filelist.xml@01C33126.FE7F9C00">
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:DoNotRelyOnCSS/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:SpellingState>Clean</w:SpellingState>
<w:GrammarState>Clean</w:GrammarState>
<w:DocumentKind>DocumentEmail</w:DocumentKind>
<w:EnvelopeVis/>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
</w:WordDocument>
</xml><![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:1627421319 -2147483648 8 0 66047 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0in;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;
text-underline:single;}
span.EmailStyle17
{mso-style-type:personal-reply;
mso-style-noshow:yes;
mso-ansi-font-size:10.0pt;
mso-bidi-font-size:10.0pt;
font-family:Arial;
mso-ascii-font-family:Arial;
mso-hansi-font-family:Arial;
mso-bidi-font-family:Arial;
color:navy;}
span.SpellE
{mso-style-name:"";
mso-spl-e:yes;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;
mso-header-margin:.5in;
mso-footer-margin:.5in;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 10]>
<style>
/* Style Definitions */=20
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";}
</style>
<![endif]--><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor=3Dwhite lang=3DEN-US link=3Dblue vlink=3Dpurple =
style=3D'tab-interval:.5in'>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>I think that the problem you are =
having is
that your httpd isn’t parsing the php pages right.<span
style=3D'mso-spacerun:yes'> </span>I’m not too familiar with =
ACID yet, but
if it runs on the default Apache, then you might have a version =
conflict.<span
style=3D'mso-spacerun:yes'> </span>If you’re running Apache =
2.0 or later,
there are known compatibility issues with php4. <span
style=3D'mso-spacerun:yes'> </span>Every recommendation I have seen =
is to
downgrade to Apache 1.3 and then install php4. <span
style=3D'mso-spacerun:yes'> </span>I would imagine that things =
should do better
then.<span style=3D'mso-spacerun:yes'> </span>I haven’t =
actually tried
this to solve the problem, but I have experienced the same problem with =
other
php stuff (i.e. forums).<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>Good =
luck.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>tH3_D@7@K|N&<o:p></o:p></span></=
font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DTahoma><span
style=3D'font-size:10.0pt;font-family:Tahoma'>-----Original =
Message-----<br>
<b><span style=3D'font-weight:bold'>From:</span></b>
snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] <b><span =
style=3D'font-weight:
bold'>On Behalf Of </span></b>Tim<br>
<b><span style=3D'font-weight:bold'>Sent:</span></b> Thursday, June 12, =
2003 8:13
PM<br>
<b><span style=3D'font-weight:bold'>To:</span></b> Snort-list<br>
<b><span style=3D'font-weight:bold'>Subject:</span></b> [Snort-users]
JPGRAPH/ACID/$ChartLib_path ????</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'><o:p> </o:p></span></font></p>
<div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Folks,</span></font><o:p></o=
:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>I'm at a loss here. I have =
installed
ACID, Snort, MySQL, JPGraph etc., etc., and all necessary files =
necessary for me
to view graphs within my ACID console. </span></font><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Everything is working fine, =
with the
exception of being able to graph the alerts in ACID. I have followed all =
the
documentation to no avail yet. According to what I have read, once all
necessary and updated versions of the necessary programs/files are =
installed
all that is needed is to change the $ChartLib_path to reflect the =
jpgraph
directories ( $ChartLib_path=3D"../jpgraph/src"; ) in the =
acid_conf.php
file in the ACID directory.</span></font><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Even though I have done =
this all I
get is ASCII text where the graph is supposed to show up. Ok, what could =
I be
doing wrong. Supposedly the jpgraph.php file does not need much, if any,
editing. I left the cache settings at their defaults, which is what =
looks like
the only thing that would need editing and maybe the path to where GD is
supposed to be, which I also left at its default. =
</span></font><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Could anyone shed any =
light....I'm
totally in the dark with this one. I'm exhausted from searching =
google and
all the archives out there.</span></font><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>The help will be gratefully
appreciated.</span></font><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Tim -- =
Mia/Fla</span></font><o:p></o:p></p>
</div>
</div>
</div>
</body>
</html>
------=_NextPart_000_002E_01C33126.FEAAA3A0--
--__--__--
Message: 4
From: "Michael Steele" <michaels () winsnort com>
To: "'Tim'" <twrodriguez () earthlink net>
Cc: <snort-users () lists sourceforge net>
Subject: RE: [Snort-users] JPGRAPH/ACID/$ChartLib_path ????
Date: Thu, 12 Jun 2003 21:08:52 -0700
This is a multi-part message in MIME format.
------=_NextPart_000_0003_01C33126.D6CEC820
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Tim,
=20
Did you add the PHPLot (.php & .inc) files to the jpgraph folder? Not =
real
sure about UNIX but Windows install requires them.
Cheers...
-Michael Steele
--
System Engineer / Security Support Technician =20
mailto:michaels () winsnort com =20
Website: http://www.winsnort.com
Snort: Open Source Network IDS - http://www.snort.org
-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Tim
Sent: Thursday, June 12, 2003 8:13 PM
To: Snort-list
Subject: [Snort-users] JPGRAPH/ACID/$ChartLib_path ????
=20
Folks,
=20
I'm at a loss here. I have installed ACID, Snort, MySQL, JPGraph etc., =
etc.,
and all necessary files necessary for me to view graphs within my ACID
console.=20
=20
Everything is working fine, with the exception of being able to graph =
the
alerts in ACID. I have followed all the documentation to no avail yet.
According to what I have read, once all necessary and updated versions =
of
the necessary programs/files are installed all that is needed is to =
change
the $ChartLib_path to reflect the jpgraph directories (
$ChartLib_path=3D"../jpgraph/src"; ) in the acid_conf.php file in the =
ACID
directory.
=20
Even though I have done this all I get is ASCII text where the graph is
supposed to show up. Ok, what could I be doing wrong. Supposedly the
jpgraph.php file does not need much, if any, editing. I left the cache
settings at their defaults, which is what looks like the only thing that
would need editing and maybe the path to where GD is supposed to be, =
which I
also left at its default.=20
=20
Could anyone shed any light....I'm totally in the dark with this one. =
I'm
exhausted from searching google and all the archives out there.
=20
The help will be gratefully appreciated.
=20
Tim -- Mia/Fla
------=_NextPart_000_0003_01C33126.D6CEC820
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 10 (filtered)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p
{margin-right:0in;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman";}
span.EmailStyle17
{font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body bgcolor=3Dwhite lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>Tim,</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>Did you add the PHPLot (.php & =
.inc) files
to the jpgraph folder? Not real sure about UNIX but Windows install =
requires
them.</span></font></p>
<div>
<p style=3D'margin-bottom:12.0pt'><font size=3D2 color=3Dnavy =
face=3D"Times New Roman"><span
style=3D'font-size:10.0pt;color:navy'>Cheers...<br>
<br>
-</span></font><font size=3D2 color=3Dnavy><span =
style=3D'font-size:10.0pt;
color:navy'>Michael Steele</span></font><font size=3D2 =
color=3Dnavy><span
style=3D'font-size:10.0pt;color:navy'><br>
--<br>
System Engineer / Security Support =
Technician <br>
<a =
href=3D"mailto:michaels () winsnort com">mailto:michaels () winsnort com</a>&nb=
sp; <br>
Website: <a =
href=3D"http://www.winsnort.com";>http://www.winsnort.com</a><br>
Snort: Open Source Network IDS - <a =
href=3D"http://www.snort.org";>http://www.snort.org</a></span></font></p>
</div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DTahoma><span
style=3D'font-size:10.0pt;font-family:Tahoma'>-----Original =
Message-----<br>
<b><span style=3D'font-weight:bold'>From:</span></b> =
snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] <b><span =
style=3D'font-weight:
bold'>On Behalf Of </span></b>Tim<br>
<b><span style=3D'font-weight:bold'>Sent:</span></b> Thursday, June 12, =
2003 8:13
PM<br>
<b><span style=3D'font-weight:bold'>To:</span></b> Snort-list<br>
<b><span style=3D'font-weight:bold'>Subject:</span></b> [Snort-users]
JPGRAPH/ACID/$ChartLib_path ????</span></font></p>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
<div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Folks,</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>I'm at a loss here. I have =
installed
ACID, Snort, MySQL, JPGraph etc., etc., and all necessary files =
necessary for
me to view graphs within my ACID console. </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Everything is working fine, =
with the
exception of being able to graph the alerts in ACID. I have followed all =
the
documentation to no avail yet. According to what I have read, once all
necessary and updated versions of the necessary programs/files are =
installed
all that is needed is to change the $ChartLib_path to reflect the =
jpgraph
directories ( $ChartLib_path=3D"../jpgraph/src"; ) in the =
acid_conf.php
file in the ACID directory.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Even though I have done =
this all I
get is ASCII text where the graph is supposed to show up. Ok, what could =
I be
doing wrong. Supposedly the jpgraph.php file does not need much, if any,
editing. I left the cache settings at their defaults, which is what =
looks like
the only thing that would need editing and maybe the path to where GD is
supposed to be, which I also left at its default. </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Could anyone shed any =
light....I'm
totally in the dark with this one. I'm exhausted from searching =
google and
all the archives out there.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>The help will be gratefully
appreciated.</span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Times New Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Tim -- =
Mia/Fla</span></font></p>
</div>
</div>
</div>
</body>
</html>
------=_NextPart_000_0003_01C33126.D6CEC820--
--__--__--
Message: 5
Date: Thu, 12 Jun 2003 22:34:22 -0700
From: "Roy S. Rapoport" <snort-users () ols inorganic org>
To: 'Snort-list' <snort-users () lists sourceforge net>
Subject: Re: [Snort-users] JPGRAPH/ACID/$ChartLib_path ????
On Thu, Jun 12, 2003 at 09:10:04PM -0700, D@7@K|N& wrote:
I think that the problem you are having is that your httpd isn't parsing the php pages right. I'm not too familiar with ACID yet, but if it runs on the default Apache, then you might have a version conflict. If you're running Apache 2.0 or later, there are known compatibility issues with php4. Every recommendation I have seen is to downgrade to Apache 1.3 and then install php4. I would imagine that things should do better then. I haven't actually tried this to solve the problem, but I have experienced the same problem with other php stuff (i.e. forums).
Hogwash. I've had no problems getting my PHP 4.3.[0|1|2] playing nicely with my Apache 2.0.4[2|5] -roy --__--__-- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-users End of Snort-users Digest
------------------------------------------------------- This SF.NET email is sponsored by: eBay Great deals on office technology -- on eBay now! Click here: http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Snort-users digest, Vol 1 #3257 - 5 msgs Don Cook (Jun 13)