Fw: [Snort-users] acid installation problem

alexus ml at ...1718...
Tue Apr 3 15:16:13 EDT 2001


----- Original Message -----
From: "alexus" <ml at ...1718...>
To: <roman at ...438...>
Sent: Tuesday, April 03, 2001 11:10 AM
Subject: Re: [Snort-users] acid installation problem


> ----- Original Message -----
> From: <roman at ...438...>
> To: "alexus" <ml at ...1718...>; "shawn . moyer" <shawn at ...1184...>;
> <snort-users at lists.sourceforge.net>
> Cc: <roman at ...438...>
> Sent: Tuesday, April 03, 2001 3:33 AM
> Subject: Re: [Snort-users] acid installation problem
>
>
> > Lets confirm a couple of things:
> >
> > - What is the output of "mysql> show tables" on your Snort
> > database?
>
> mysql> show tables;
> +------------------+
> | Tables_in_alexus |
> +------------------+
> | acid_ag          |
> | acid_ag_alert    |
> | data             |
> | detail           |
> | encoding         |
> | event            |
> | icmphdr          |
> | iphdr            |
> | opt              |
> | sensor           |
> | tcphdr           |
> | udphdr           |
> +------------------+
> 12 rows in set (0.00 sec)
>
> mysql>
>
>
> >
> > - You successfully ran "./contrib/create_mysql" to create the
> > initial Snort database?  (Can you confirm that the schema was
> > created using the mysql client?  e.g. mysql> desc iphdr)
>
> i think i got it successfully run... although...
>
> bash-2.04$ mysql -p> desc iphdr
> Enter password:
> ERROR 1049: Unknown database 'iphdr'
> bash-2.04$
>
>
> >
> > - From the log below, it would appear you have created a
> > fully priviledged user "alexus" (this mean permissions should be
> > fine)
> >
>
> I change 'em a little to the way the supposte to be
>
>
+-----------+--------+------------------+-------------+-------------+-------
> ------+-------------+-------------+-----------+-------------+-------------
--
>
+--------------+-----------+------------+-----------------+------------+----
> --------+
> | Host      | User   | Password         | Select_priv | Insert_priv |
> Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv |
> Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv |
> Index_priv | Alter_priv |
>
+-----------+--------+------------------+-------------+-------------+-------
> ------+-------------+-------------+-----------+-------------+-------------
--
>
+--------------+-----------+------------+-----------------+------------+----
> --------+
> | localhost | alexus | 34484ed463a66850 | Y           | Y           | N
> | Y           | N           | N         | N           | N             | N
> | N         | N          | N               | N          | N          |
>
+-----------+--------+------------------+-------------+-------------+-------
> ------+-------------+-------------+-----------+-------------+-------------
--
>
+--------------+-----------+------------+-----------------+------------+----
> --------+
> 1 row in set (0.00 sec)
>
> mysql>
>
>
> > - Are you successfully logging with Snort?  (Can you see the
> > alerts in the DB with the mysql client?)
> >
>
> that's I think my problem .. i dont think snort is login anything in
> database
> although i did change it in snort.conf to do so
>
> > - What version of ACID did you try?
> >
>
> latest beta..
>
> > cheers,
> > Roman
> >
> > > less likly i gave that user all possible priveleges
> > >
> > > mysql> select * from user where user='alexus';
> > >
>
+-----------+--------+------------------+-------------+-------------+-------
> >
>
> ------+-------------+-------------+-----------+-------------+-------------
> --
> > >
>
+--------------+-----------+------------+-----------------+------------+----
> > > --------+
> > > | Host      | User   | Password         | Select_priv | Insert_priv |
> > > Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv |
> > > Shutdown_priv | Process_priv | File_priv | Grant_priv |
References_priv
> |
> > > Index_priv | Alter_priv |
> > >
>
+-----------+--------+------------------+-------------+-------------+-------
> >
>
> ------+-------------+-------------+-----------+-------------+-------------
> --
> > >
>
+--------------+-----------+------------+-----------------+------------+----
> > > --------+
> > > | localhost | alexus | 34484ed463a66850 | Y           | Y           |
Y
> > > | Y           | Y           | Y         | Y           | Y
|
> Y
> > > | Y         | Y          | Y               | Y          | Y          |
> > >
>
+-----------+--------+------------------+-------------+-------------+-------
> >
>
> ------+-------------+-------------+-----------+-------------+-------------
> --
> > >
>
+--------------+-----------+------------+-----------------+------------+----
> > > --------+
> > > 1 row in set (0.00 sec)
> > >
> > > mysql>
> > >
> > >
> > > ----- Original Message -----
> > > From: "shawn . moyer" <shawn at ...1184...>
> > > To: "alexus" <ml at ...1718...>
> > > Cc: <snort-users at lists.sourceforge.net>
> > > Sent: Monday, April 02, 2001 6:07 PM
> > > Subject: Re: [Snort-users] acid installation problem
> > >
> > >
> > > > Is it possible that the Acid SQL user didn't have permission to
create
> > > > the indexes and alert group db's?
> > > >
> > > >
> > > >
> > > > --shawn
> > > >
> > > > --
> > > >
> > > > s h a w n   m o y e r
> > > > shawn at ...1184...
> > > >
> > > > "Nuclear war would really set back cable."
> > > >                      -- Ted Turner
> > > >
> > > >
> > > >
> > > > alexus wrote:
> > > > >
> > > > > oh i'm sorry i forgot to mention that
> > > > > i went to acid_db_setup.php
> > > > > and i clicked on both create acid ag and create indexes...
> > > > > it didn't do anything.. when i logon in mysql to see any tables
> > > > > no tables appeared
> > > > >
> > > > > and i set everything correct in acid_conf.php
> > > >
> > >
> > >
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users at lists.sourceforge.net
> > > Go to this URL to change user options or unsubscribe:
> > > http://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > >
> >
> >
> >
> > ---------------------------------------------
> > This message was sent using Voicenet WebMail.
> >       http://www.voicenet.com/webmail/
> >
> >
> >
>





More information about the Snort-users mailing list