Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [rpms] snort-mysql rpm

From: JP Vossen <vossenjp () netaxs com>
Date: Mon, 9 Feb 2004 12:36:20 -0500 (EST)
On 9 Feb 2004, Mark Hutlet wrote:


Do you know of a resource that can assist me in the installation of the
snort-mysql-rpm on Redhat9?  I understand that this is probably a dumbass
question!


I can, at least a little.  It's pretty easy.



My impression is that I install Snort, then Mysql, and then install the
RPM that links the two.

Let me know if I'm warm!


It depends on what you want.  If you plan to run everything on 1 box, then you
do need all that.  If you want to run Snort on 1 box and MySQL/ACID, etc. on
another you can do that too, in which case you don't need MySQL on the Snort
box at all.

There is no RPM that "links" the two.  Snort has the basic snort, all the
support files, etc.  snort-mysql has only a snort binary that has mysql
support already compiled in.

See http://www.starken.com/snort/ for the very latest RPMs that haven't made
it to snort.org yet.  Just download the ones you want and try to install them
using something like 'rpm -Uvh snort*.rpm'.  You should end up with something
like this:

/root# ll /usr/sbin/snort*
lrwxrwxrwx  1 root  root       21 Feb  7 02:59 /usr/sbin/snort -> /usr/sbin/snort-mysql*
-rwxr-xr-x  1 root  root     438K Feb  6 00:45 /usr/sbin/snort-mysql*
-rwxr-xr-x  1 root  root     437K Feb  6 00:45 /usr/sbin/snort-plain*

NOTE that 'snort' is a symlink to snort-plain, or what you want in your case,
snort-mysql.

There are also a ton of user/install guides around.  Check snort.org,
http://www.winsnort.com/ and http://www.internetsecurityguru.com/documents,
plus the Snort-users archives at http://www.snort.org/lists.html.

HTH,
JP
------------------------------|:::======|--------------------------------
JP Vossen, CISSP              |:::======|         jp{at}jpsdomain{dot}org
My Account, My Opinions       |=========|       http://www.jpsdomain.org/
------------------------------|=========|--------------------------------
You used to have to reboot the Windows 9.x series every couple of days
because it would crash.  Now you have to reboot Windows 200x or XP every
couple of days because of a patch.  How is that better or more stable?



-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: