Snort mailing list archives

Re: Installation Problem

From: "Aryan D" <aryan_912 () hotmail com>
Date: Wed, 29 Oct 2003 17:59:19 +0530

Hi ,

After checking the processes running on Snort, like httpd, snort and mysql,i am getting the following output. Please let me know if their is anyproblem with the installation so that i can reconfigure it.


*********************************************************************************

[root@localhost snort]# ps -ef |grep mysql

root 1313 1 0 17:51 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe--datadir=/var/lib/mysql --pid-file=/var/lib/mysql/localhost.localdomain.pid

mysql     1339  1313  0 17:51 ?        00:00:00 [mysqld]
mysql     1366  1339  0 17:51 ?        00:00:00 [mysqld]
mysql     1367  1366  0 17:51 ?        00:00:00 [mysqld]
mysql     1368  1366  0 17:51 ?        00:00:00 [mysqld]
mysql     1369  1366  0 17:51 ?        00:00:00 [mysqld]
mysql     1370  1366  0 17:51 ?        00:00:00 [mysqld]
mysql     1397  1366  0 17:51 ?        00:00:00 [mysqld]
mysql     1398  1366  0 17:51 ?        00:00:00 [mysqld]

[root@localhost snort]# ps -ef |grep httpd
root      1234     1  0 17:51 ?        00:00:00 /usr/sbin/httpd
apache    1252  1234  0 17:51 ?        00:00:00 [httpd]
apache    1253  1234  0 17:51 ?        00:00:00 [httpd]
apache    1254  1234  0 17:51 ?        00:00:00 [httpd]
apache    1255  1234  0 17:51 ?        00:00:00 [httpd]
apache    1256  1234  0 17:51 ?        00:00:00 [httpd]
apache    1257  1234  0 17:51 ?        00:00:00 [httpd]
apache    1258  1234  0 17:51 ?        00:00:00 [httpd]
apache    1259  1234  0 17:51 ?        00:00:00 [httpd]
apache    1530  1234  0 17:53 ?        00:00:00 [httpd]

Snort is fine i guess

[root@localhost snort]# ps -ef |grep snort

root 1401 1 0 17:51 ? 00:00:00 /usr/bin/perl/opt/snortagent/sensor/miniserv.pl /etc/snort/miniserv.confroot 1546 1 0 17:54 ? 00:00:00 /usr/local/bin/snort -D -ieth1 -U -o -c /etc/snort/snort.eth1.conf

root      1594  1456  0 18:02 pts/0    00:00:00 grep snort


**********************************************************************************
Hi,

I using the following to configure Snort

OS :- Redhat Linux 9.0
DB :- Mysql
Snort Version :- 2.0.2

I am new to snort so i had referred to the "Enterprise Installation" Docfrom www.snort.org

Please let me know how do i verify the below configuration, i dont know muchabout Mysql DB.

   1. You configured snort to use a SQL-database?  - Used MySQL
2. You created the database and tables for snort? - Yes, referred to doc

3. You confirmed that snort logs into the database? - please let me know doi check this 4. You configured ACID to use the db? - please let me know do icheck this 5. State the version of the tools used and any error message youencounter when starting snort or accessing ACID.

No error message encountered while installation, except for whileinstallation of NetSSLearpm for Snortcenter.

Error:- Pod2man not found in the path.

But the when i checked it was their in the PATH. So while selecting Sensor iselected non-SSL.




Aryan

From: Ralf Spenneberg <lists () spenneberg org>
To: Aryan D <aryan_912 () hotmail com>
CC: SnortUsers <snort-users () lists sourceforge net>
Subject: Re: [Snort-users] Installation Problem
Date: 29 Oct 2003 09:49:30 +0100

Hi Aryan,

Am Mit, 2003-10-29 um 07.07 schrieb Aryan D:
> Hi ,
> Please Help.
You should provide more information.
1. You configured snort to use a SQL-database?
2. You created the database and tables for snort?
3. You confirmed that snort logs into the database?
4. You configured ACID to use the db?
5. State the version of the tools used and any error message you
encounter when starting snort or accessing ACID.

The information you gave does not provide any clues to your problem.

Cheers,

Ralf
--
Ralf Spenneberg
RHCE, RHCX

Book: Intrusion Detection für Linux Server   http://www.spenneberg.com
IPsec-Howto                                  http://www.ipsec-howto.org
Honeynet Project Mirror:                     http://honeynet.spenneberg.org


-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_________________________________________________________________

MSN Hotmail now on your Mobile phone.http://server1.msn.co.in/sp03/mobilesms/ Click here.




-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Installation Problem Aryan D (Oct 28)
- Re: Installation Problem Ralf Spenneberg (Oct 29)
- <Possible follow-ups>
- Re: Installation Problem Aryan D (Oct 29)
- Re: Installation Problem Aryan D (Oct 29)
- Installation Problem Aryan D (Oct 30)
- Installation Problem Aryan D (Oct 30)