Re: Snort woes
From: Ian Jones (ian@dsl081-056-052.sfo1.dsl.speakeasy.net)Date: 12/12/01
- Next message: Ian Jones: "Re: mod php + Apache (Security problem)"
- Previous message: Bit Twister: "Re: PCI: probing PCI hardware ... in eterno"
- In reply to: magikh0e@penguin-security.com: "Snort woes"
- Next in thread: magikh0e@penguin-security.com: "Re: Snort woes"
- Reply: magikh0e@penguin-security.com: "Re: Snort woes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Ian Jones <ian@dsl081-056-052.sfo1.dsl.speakeasy.net> Date: Wed, 12 Dec 2001 10:59:29 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
magikh0e@penguin-security.com writes:
> Anybody have any problems with snort 1.8.3 with logging to a mysql
> database? Mine will only log mostly nmap scans when I test it with cgi
> scans or something nothing happens when I try to view it with latest
> acid console. Any ideas? Thanks ahead
Have you confirmed that snort is alerting on the signatures for what
you are trying against it? Try to also log to a file to confirm that
it is alerting in the first place:
output log_tcpdump: snort.log
output database: log, mysql, user=sndbusr dbname=sndb host=loghst
-----BEGIN PGP SIGNATURE-----
Comment: Keeping the world safe for geeks.
iD8DBQE8F6kRwBVKl/Nci0oRAhvyAJsE4rqDOrI1YTxCJAho0LKknNkvoQCfTRer
/gWHkjMvqt1TlYNcHWyz4AM=
=5ZN8
-----END PGP SIGNATURE-----
- Next message: Ian Jones: "Re: mod php + Apache (Security problem)"
- Previous message: Bit Twister: "Re: PCI: probing PCI hardware ... in eterno"
- In reply to: magikh0e@penguin-security.com: "Snort woes"
- Next in thread: magikh0e@penguin-security.com: "Re: Snort woes"
- Reply: magikh0e@penguin-security.com: "Re: Snort woes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
