Snort mailing list archives

Re: mysql error prevails...

From: AllowOverride <allowoverride () gmail com>
Date: Sat, 06 Oct 2012 13:26:12 -0700

netstat -lpn | grep 3306
tcp        0      0 127.0.0.1:3306          0.0.0.0:*
LISTEN      2114/mysqld     


you are correct, it is only listening locally, but i am also typing cmds
on the server itself so... i guess that rules out that theory.
unless the barnyard2 conf says, log to 192.168.1.14:3306 for which it
does not, nor does the howtos refer to that.
they state, log locally to localhost which of course is 127.0.0.1. they
do not mention anything about setting you mysql to listen 
at all to port 3306 standard mysql port.

why would i try to log/listen to a socket port like 192.168.1.14 when
the server is logging to itself?

i like your cmd though, thanks. ill add that to my netstat option
toolbag.

--- Begin Message --- From: James Lay <jlay () slave-tothe-box net>
Date: Sat, 6 Oct 2012 12:34:13 -0600

Looks like your mysql may not be listening on 192.168.1.14.  On the 192.168.1.14 box try:

sudo netstat -lpn | grep 3306

If you see:

tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      #/mysqld

Then it's only listening on 127.0.0.1.

James

On Oct 6, 2012, at 12:06 PM, AllowOverride <allowoverride () gmail com> wrote:

i'll reread the section again, it was rather large and the verbiage used
was not that um... explanatory and left room for syntax error on my
part. mysql docs are not always user friendly for me...

yes i do read everything and click links,,, huh??

thanks for actual suggestions that were more specific.

more to follow...



On Sat, 2012-10-06 at 04:31 -0400, beenph wrote:

On Fri, Oct 5, 2012 at 5:59 AM, AllowOverride <allowoverride () gmail com> wrote:

you mean snort.* yes i have


Do you actually read e-mails and links sent to you such as the MySQL
documentation?


By wildcard i didin/t mean * but  %

<SNIP

Also have you tried to wildcard your access for the user you configured?

UPDATE mysql.user SET host="%' WHERE user='YOURCONFIGUREDUSED';

REF: https://dev.mysql.com/doc/refman/5.5/en/adding-users.html

And make sure to flush--privileges/reload before testing .
</SNIP>


And in your Context "YOURCONFIGUREDUSER" should be snort.



------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!



------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

--- End Message ---

------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: mysql error prevails..., (continued)
- - Re: mysql error prevails... AllowOverride (Oct 04)
  - Re: mysql error prevails... AllowOverride (Oct 04)
    - Re: mysql error prevails... Marcos Rodriguez (Oct 04)
    - Re: mysql error prevails... AllowOverride (Oct 04)
    - Re: mysql error prevails... AllowOverride (Oct 04)
    - Re: mysql error prevails... beenph (Oct 04)
    - Re: mysql error prevails... AllowOverride (Oct 05)
    - Re: mysql error prevails... AllowOverride (Oct 05)
    - Message not available
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Re: mysql error prevails... James Lay (Oct 06)
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Message not available
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Re: mysql error prevails... beenph (Oct 06)
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Re: mysql error prevails... beenph (Oct 06)
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Message not available
    - Re: mysql error prevails... Eric G (Oct 06)
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Message not available
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Message not available
    - Re: mysql error prevails... AllowOverride (Oct 06)
    - Message not available
    - Re: mysql error prevails... AllowOverride (Oct 06)

(Thread continues...)