Snort mailing list archives
Re: RE: Problems with HOME_NET and EXTERNAL_NET var 's
From: Nick Oliver <nwoliver () internetsecurityguru com>
Date: 01 Sep 2003 10:38:16 -0500
Going back to your original question about not logging to your database, have you configured your output database? On line 449 of the snort.conf file: # database: log to a variety of databases # --------------------------------------- # See the README.database file for more information about configuring # and using this plugin. # output database: log, mysql, user=snort password=<new_password> dbname=snort host=localhost # output database: alert, postgresql, user=snort dbname=snort # output database: log, unixodbc, user=snort dbname=snort # output database: log, mssql, dbname=snort user=snort password=test See Page 14 of Patrick Harpers paper where it speaks of modifying the snort.conf file. Nick Oliver On Sun, 2003-08-31 at 23:49, Jochen Erwied wrote:
On Sun, Aug 31, 2003 at 11:34:05PM -0400, Lauts, Anthony wrote:I am starting automaically via init.d, when i do a ps -ef it shows that it started as such... /usr/local/bin/snort -c /etc/snort/snort.conf -i eth0 -D When I see the error, I start it as ... /usr/local/bin/snort -i eth0 -n 1 -c /etc/snort/x11.rulesYou haven't configured any output plugins. And the option '-c' needs a configuration-file, not a rules-file.
-- Nick Oliver <nwoliver () internetsecurityguru com>
Current thread:
- RE: RE: Problems with HOME_NET and EXTERNAL_NET var 's Lauts, Anthony (Aug 31)
- Re: RE: Problems with HOME_NET and EXTERNAL_NET var 's Jochen Erwied (Aug 31)
- Re: RE: Problems with HOME_NET and EXTERNAL_NET var 's Nick Oliver (Sep 01)
- RE: RE: Problems with HOME_NET and EXTERNAL_NET var 's Erek Adams (Sep 02)
- Re: RE: Problems with HOME_NET and EXTERNAL_NET var 's Jochen Erwied (Aug 31)