Snort mailing list archives

Fw: Fw: Error in Postgres dbase

From: "reynald" <rtm () cybees com>
Date: Thu, 20 Jan 2005 17:48:50 +0800

James,

I have no problem with my blocking. Like I said before it does work, but
when i tried to put the logs and alerts to
my database the blocking is not working. Anyway, the error " duplicate
key..." was eliminated by my "sensor_name:
entry in snort.conf. Now i have this new error:

FATAL 1: FRONTEND PROTOCOL UNSUPPORTED

I still have the same problem. My Blocking doesn't work, but you can see all
the alerts to my database.

help please!!!

thanks,
reynald


----- Original Message ----- 
From: "James Riden" <j.riden () massey ac nz>
To: "reynald" <rtm () cybees com>
Cc: <snort-users () lists sourceforge net>
Sent: Wednesday, January 19, 2005 1:46 PM
Subject: Re: [Snort-users] Fw: Error in Postgres dbase

"reynald" <rtm () cybees com> writes:

   fyi,



   I did some research and found out that i need to configure the
   sensor_name in snort.conf. It indicates that i need to set this when

   have

   multiple sensors logging on the same database. The said error below
   was resolved, but my rules wont take effect still.



   did i missed something?


The flexresp2 plugin which does blocking needs to be applied as a
patch to snort 2.2.0 sources. Have you applied this? (snort 2.3 will
come with flexresp2 built in I think.)

Otherwise, try putting an obvious syntax error into your new rules and
see if snort fails to start up.

If that doesn't show anything, post your new rules here, and your
config for eth1 and eth2.

(Oh, and thanks - I'd been meaning to look up how to set the sensor
name :)

cheers,
 Jamie
-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/




-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Error in Postgres dbase reynald (Jan 19)
- Re: Error in Postgres dbase Kevin Johnson (Jan 19)
- <Possible follow-ups>
- Fw: Error in Postgres dbase reynald (Jan 19)
  - Re: Fw: Error in Postgres dbase James Riden (Jan 19)
- Fw: Fw: Error in Postgres dbase reynald (Jan 20)