Snort mailing list archives

Re: Barnyard2 configure/compile problems and startup error: "Snort not compiled to use mysql" message followup - 1st time barnyard user


From: Kurt J <technicalfriend () yahoo com>
Date: Thu, 2 May 2013 22:39:52 -0700 (PDT)

For SNORT I just went ahead and exited it again to catch this status report output for the last session I ran it, and 
now some events have been caught but it does not seem like very many yet for all the zenmap scans of several kinds I 
have hit it with, but maybe it's normal for a default new untuned rule set:

This is the command I am using now to run snort:   ./snort -dev -k none -c /etc/snort/snort.conf



C*** Caught Int-Signal
===============================================================================
Run time for packet processing was 3181.920158 seconds
Snort processed 149889 packets.
Snort ran for 0 days 0 hours 53 minutes 1 seconds
   Pkts/min:         2828
   Pkts/sec:           47
===============================================================================
Packet I/O Totals:
   Received:       298092
   Analyzed:       149889 ( 50.283%)
    Dropped:       148203 ( 33.207%)
   Filtered:            0 (  0.000%)
Outstanding:       148203 ( 49.717%)
   Injected:            0
===============================================================================
Breakdown by protocol (includes rebuilt packets):
        Eth:       149916 (100.000%)
       VLAN:            0 (  0.000%)
        IP4:       149713 ( 99.865%)
       Frag:            0 (  0.000%)
       ICMP:         1584 (  1.057%)
        UDP:        12154 (  8.107%)
        TCP:       135975 ( 90.701%)
        IP6:           52 (  0.035%)
    IP6 Ext:           52 (  0.035%)
   IP6 Opts:            0 (  0.000%)
      Frag6:            0 (  0.000%)
      ICMP6:            0 (  0.000%)
       UDP6:           52 (  0.035%)
       TCP6:            0 (  0.000%)
     Teredo:            0 (  0.000%)
    ICMP-IP:            0 (  0.000%)
    IP4/IP4:            0 (  0.000%)
    IP4/IP6:            0 (  0.000%)
    IP6/IP4:            0 (  0.000%)
    IP6/IP6:            0 (  0.000%)
        GRE:            0 (  0.000%)
    GRE Eth:            0 (  0.000%)
   GRE VLAN:            0 (  0.000%)
    GRE IP4:            0 (  0.000%)
    GRE IP6:            0 (  0.000%)
GRE IP6 Ext:            0 (  0.000%)
   GRE PPTP:            0 (  0.000%)
    GRE ARP:            0 (  0.000%)
    GRE IPX:            0 (  0.000%)
   GRE Loop:            0 (  0.000%)
       MPLS:            0 (  0.000%)
        ARP:          151 (  0.101%)
        IPX:            0 (  0.000%)
   Eth Loop:            0 (  0.000%)
   Eth Disc:            0 (  0.000%)
   IP4 Disc:            0 (  0.000%)
   IP6 Disc:            0 (  0.000%)
   TCP Disc:            0 (  0.000%)
   UDP Disc:            0 (  0.000%)
  ICMP Disc:            0 (  0.000%)
All Discard:            0 (  0.000%)
      Other:            0 (  0.000%)
Bad Chk Sum:            0 (  0.000%)
    Bad TTL:            0 (  0.000%)
     S5 G 1:           14 (  0.009%)
     S5 G 2:           13 (  0.009%)
      Total:       149916
===============================================================================
Action Stats:
     Alerts:           37 (  0.025%)
     Logged:           37 (  0.025%)
     Passed:            0 (  0.000%)
Limits:
      Match:            0
      Queue:            0
        Log:            3
      Event:            0
      Alert:            0
Verdicts:
      Allow:       149464 ( 50.140%)
      Block:            0 (  0.000%)
    Replace:            0 (  0.000%)
  Whitelist:          425 (  0.143%)
  Blacklist:            0 (  0.000%)
     Ignore:            0 (  0.000%)
===============================================================================
Frag3 statistics:
        Total Fragments: 0
      Frags Reassembled: 0
               Discards: 0
          Memory Faults: 0
               Timeouts: 0
               Overlaps: 0
              Anomalies: 0
                 Alerts: 0
                  Drops: 0
     FragTrackers Added: 0
    FragTrackers Dumped: 0
FragTrackers Auto Freed: 0
    Frag Nodes Inserted: 0
     Frag Nodes Deleted: 0
===============================================================================
Stream5 statistics:
            Total sessions: 74341
              TCP sessions: 63607
              UDP sessions: 10734
             ICMP sessions: 0
               IP sessions: 0
                TCP Prunes: 0
                UDP Prunes: 0
               ICMP Prunes: 0
                 IP Prunes: 0
TCP StreamTrackers Created: 63607
TCP StreamTrackers Deleted: 63607
              TCP Timeouts: 1
              TCP Overlaps: 2
       TCP Segments Queued: 3068
     TCP Segments Released: 3068
       TCP Rebuilt Packets: 822
         TCP Segments Used: 2383
              TCP Discards: 47
                  TCP Gaps: 14
      UDP Sessions Created: 10734
      UDP Sessions Deleted: 10734
              UDP Timeouts: 0
              UDP Discards: 0
                    Events: 198
           Internal Events: 0
           TCP Port Filter
                   Dropped: 0
                 Inspected: 0
                   Tracked: 135948
           UDP Port Filter
                   Dropped: 0
                 Inspected: 82
                   Tracked: 10734
===============================================================================
HTTP Inspect - encodings (Note: stream-reassembled packets included):
    POST methods:                         24        
    GET methods:                          212       
    HTTP Request Headers extracted:       257       
    HTTP Request Cookies extracted:       54        
    Post parameters extracted:            25        
    HTTP response Headers extracted:      257       
    HTTP Response Cookies extracted:      4         
    Unicode:                              0         
    Double unicode:                       0         
    Non-ASCII representable:              0         
    Directory traversals:                 0         
    Extra slashes ("//"):                 8         
    Self-referencing paths ("./"):        0         
    HTTP Response Gzip packets extracted: 91        
    Gzip Compressed Data Processed:       1220760.00
    Gzip Decompressed Data Processed:     4050292.00
    Total packets processed:              4213      
===============================================================================
SMTP Preprocessor Statistics
  Total sessions                                    : 0
  Max concurrent sessions                           : 0
===============================================================================
dcerpc2 Preprocessor Statistics
  Total sessions: 0
===============================================================================
SSL Preprocessor:
   SSL packets decoded: 563       
          Client Hello: 88        
          Server Hello: 91        
           Certificate: 83        
           Server Done: 179       
   Client Key Exchange: 78        
   Server Key Exchange: 26        
         Change Cipher: 166       
              Finished: 0         
    Client Application: 48        
    Server Application: 27        
                 Alert: 51        
  Unrecognized records: 198       
  Completed handshakes: 0         
        Bad handshakes: 0         
      Sessions ignored: 17        
    Detection disabled: 41        
===============================================================================
SIP Preprocessor Statistics
  Total sessions: 0
===============================================================================
Reputation Preprocessor Statistics
  Total Memory Allocated: 0
===============================================================================
Snort exiting




________________________________
 From: beenph <beenph () gmail com>
To: Lars <technicalfriend () yahoo com> 
Cc: "snort-users () lists sourceforge net" <snort-users () lists sourceforge net> 
Sent: Friday, May 3, 2013 12:23 AM
Subject: Re: [Snort-users] Barnyard2 configure/compile problems and startup error: "Snort not compiled to use mysql" message followup - 1st time barnyard user
 

On Fri, May 3, 2013 at 12:17 AM, Lars <technicalfriend () yahoo com> wrote:
Maybe we need to rebuild Snort?  All these good checks and verifications on
our config files and all that but the problem remains the same.

Which problem?

i)  Post your snort command line.
ii) Post your barnyard2 command line
iii) Post your snort config.
iv) Post your barnyard2 config
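The shutdown summary quoted above is the data a list member would actually want to look at before rebuilding anything: a third of the traffic was dropped, and only 37 alerts fired. The following is an added example, not code from the thread or from the Snort project: a small Python parser for the "Packet I/O Totals" and "Action Stats" blocks of a Snort 2.9 shutdown summary that flags a run whose drop rate exceeds a threshold. The sample text is an abbreviated copy of the figures quoted above, and the 5% threshold is an arbitrary assumption.

```python
import re

# Constructed sample: an abbreviated copy of the shutdown summary quoted in this
# thread (Packet I/O Totals and Action Stats sections only).
SAMPLE_SUMMARY = """\
===============================================================================
Packet I/O Totals:
   Received:       298092
   Analyzed:       149889 ( 50.283%)
    Dropped:       148203 ( 33.207%)
   Filtered:            0 (  0.000%)
Outstanding:       148203 ( 49.717%)
   Injected:            0
===============================================================================
Action Stats:
     Alerts:           37 (  0.025%)
     Logged:           37 (  0.025%)
     Passed:            0 (  0.000%)
Limits:
      Match:            0
      Queue:            0
        Log:            3
      Event:            0
      Alert:            0
===============================================================================
"""

# A counter line: optional indent, a name, a colon, an integer, and an optional
# "( nn.nnn%)" share.  Lines with non-integer values (e.g. Gzip byte totals) are
# deliberately not matched.
COUNTER_RE = re.compile(
    r"^\s*([A-Za-z][A-Za-z0-9 /-]*?):\s+(\d+)(?:\s+\(\s*([\d.]+)%\))?\s*$"
)


def parse_sections(text):
    """Return {section_name: {counter_name: count}} for a Snort 2.9 shutdown summary.

    A section starts at any column-0 line ending in ':' (e.g. 'Packet I/O Totals:',
    'Action Stats:', 'Limits:'); counter lines are checked first so that a
    column-0 counter such as 'Outstanding: ...' is not mistaken for a header.
    """
    sections = {}
    current = None
    for line in text.splitlines():
        if line.startswith("="):
            continue
        m = COUNTER_RE.match(line)
        if m and current is not None:
            sections[current][m.group(1).strip()] = int(m.group(2))
            continue
        header = line.strip()
        if header.endswith(":") and not line.startswith(" "):
            current = header[:-1]
            sections.setdefault(current, {})
    return sections


def drop_report(text, max_drop_pct=5.0):
    """Summarise packet loss and alert counts; 'healthy' is False above the threshold.

    max_drop_pct is an assumed, arbitrary threshold (hypothetical parameter).
    """
    s = parse_sections(text)
    io = s["Packet I/O Totals"]
    received, analyzed, dropped = io["Received"], io["Analyzed"], io["Dropped"]
    outstanding = io.get("Outstanding", received - analyzed)
    # Snort reports Dropped as a share of (received + dropped) and Outstanding as a
    # share of received; both formulas reproduce the percentages quoted in the thread.
    drop_pct = 100.0 * dropped / (received + dropped) if received + dropped else 0.0
    outstanding_pct = 100.0 * outstanding / received if received else 0.0
    act = s.get("Action Stats", {})
    return {
        "received": received,
        "analyzed": analyzed,
        "dropped": dropped,
        "drop_pct": round(drop_pct, 3),
        "outstanding": outstanding,
        "outstanding_pct": round(outstanding_pct, 3),
        "alerts": act.get("Alerts", 0),
        "logged": act.get("Logged", 0),
        "healthy": drop_pct <= max_drop_pct,
    }


if __name__ == "__main__":
    # Read a saved summary from a file if given, otherwise use the embedded sample.
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SUMMARY
    for key, value in drop_report(text).items():
        print(f"{key:16} {value}")
```

Note that the same 148203 packets appear as 33.2% (Dropped, measured against received plus dropped) and 49.7% (Outstanding, measured against received), so the two percentages are not inconsistent. A drop rate this high on 47 packets/s is almost never a rules problem: the command line in the thread runs Snort with -dev, i.e. -v verbose packet printing plus -d and -e payload and link-layer dumps to the console, and writing every packet to the terminal is a common reason the DAQ cannot keep up. Rerun without -v (or with -q and output directed to unified2 for barnyard2) and compare the Dropped counter before drawing conclusions about how many of the nmap/zenmap scans were detected.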

------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite
It's a free troubleshooting tool designed for production
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
