Re: Installation Problem

["Aryan D" <aryan_912 () hotmail com>]

Hi,

I using the following to configure Snort

OS :- Redhat Linux 9.0
DB :- Mysql
Snort Version :- 2.0.2

I am new to snort so i had referred to the "Enterprise Installation" Doc 
from www.snort.org

Please let me know how do i verify the below configuration, i dont know much 
about Mysql DB.
> 1. You configured snort to use a SQL-database?  - Used MySQL
> 2. You created the database and tables for snort? - Yes, referred to doc
> 3. You confirmed that snort logs into the database? - please let me know do 
> i check this 4. You configured ACID to use the db? - please let me know do 
> i check this 5. State the version of the tools used and any error message 
> you encounter when starting snort or accessing ACID.
No error message encountered while installation, except for while 
installation of NetSSLearpm for Snortcenter.
Error:- Pod2man not found in the path.
But the when i checked it was their in the PATH. So while selecting Sensor i 
selected non-SSL.



Aryan


> From: Ralf Spenneberg <lists () spenneberg org>
> To: Aryan D <aryan_912 () hotmail com>
> CC: SnortUsers <snort-users () lists sourceforge net>
> Subject: Re: [Snort-users] Installation Problem
> Date: 29 Oct 2003 09:49:30 +0100
>
> Hi Aryan,
>
> Am Mit, 2003-10-29 um 07.07 schrieb Aryan D:
> > Hi ,
> > Please Help.
> You should provide more information.
> 1. You configured snort to use a SQL-database?
> 2. You created the database and tables for snort?
> 3. You confirmed that snort logs into the database?
> 4. You configured ACID to use the db?
> 5. State the version of the tools used and any error message you
> encounter when starting snort or accessing ACID.
>
> The information you gave does not provide any clues to your problem.
>
> Cheers,
>
> Ralf
> --
> Ralf Spenneberg
> RHCE, RHCX
>
> Book: Intrusion Detection für Linux Server   http://www.spenneberg.com
> IPsec-Howto                                  http://www.ipsec-howto.org
> Honeynet Project Mirror:                     http://honeynet.spenneberg.org


Hi ,

I have installed Snort 2.0.2, when i open the acid console i cannot see any 
traffic. Snortcenter show Snort is running with **** PID.

Below is the output of ps-ef |grep snort
**********************************************************************
[root@localhost /]# ps -ef |grep snort
root     13271     1  0 Oct11 ?        00:00:01 /usr/bin/perl 
/opt/snortagent/sensor/miniserv.pl /etc/snort/miniserv.conf
root      2153     1  0 11:44 ?        00:00:00 /usr/local/bin/snort -D -i 
eth1 -U -o -c /etc/snort/snort.eth1.conf
root      2169 15655  0 11:44 pts/0    00:00:00 grep snort
**********************************************************************

Also the log file /var/log/snort/alert is empty
**********************************************************************
-rw-------    1 root     root            0 Oct 11 10:21 alert
-rw-r--r--    1 root     root         1816 Oct 11 17:20 miniserv.error
-rw-------    1 root     root        74927 Oct 12 11:49 miniserv.log
-rw-r--r--    1 root     root            6 Oct 11 17:20 miniserv.pid
**********************************************************************

Please Help.

Aryan

_________________________________________________________________
Call your NRI friends.Introduce them to Citibank RCA. 
http://server1.msn.co.in/sp03/diwali/rca/referrca.asp Win 2 tickets to visit 
them abroad.



-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users