[Snort-users] Snort Red hat 7.2, ACID, MySQL.

Christopher Lyon cslyon at ...6523...
Sun Aug 4 22:10:03 EDT 2002


Your best bet is not to use RPM's. I have got Snort with the ACID/Mysql
combo working on both 7.2 and 7.3. Here are my install notes:
 
Install 7.2 or 7.3 with postgresql and postgresql-libs. Once that is
completed you will need to install apache and PHP using the following
commands:
 
1.    Apache 1.3.26 
a.    tar  - zxvf apache_1.3.26.tar.gz into the /usr/local directory
b.    ./configure --prefix=/usr/local/apache --enable-module=so
i.    make
ii.   make install 
 
2.    PHP 4.2.2 
a.    tar - zxvf php-4.2.2.tar.gz into the /usr/local directory
b.    ./configure --with-mysql= --with-gd  --with-apxs=
/usr/local/apache/bin/apxs
i.    make
ii.   make install 
 
Once that is all done you can move the ACID, PHPlot, GD and ADODB in the
HTDOCS directory. Don't forget to modify the httpd.conf file with the
following items.
 
# LoadModule foo_module modules/mod_foo.so 
LoadModule php4_module        modules/libphp4.so
AddType application/x-httpd-php  .php
 
Once that happens you should be good. Snort.org also has a good document for
the database and web security stuff. You might want to look at it for more
information. Let me know how it goes.
 
 
 
__________________________________________
Christopher Lyon
DNS Network Services
v: 949-255-5066 f: 949-253-1555
cslyon at ...6523...
 
-----Original Message-----
From: Brian Ertel [mailto:bsertel at ...4207...] 
Sent: Tuesday, July 30, 2002 7:43 AM
To: Snort (E-mail)
Subject: [Snort-users] Snort Red hat 7.2, ACID, MySQL.
 
 
 
Presently we have the system up and running.  Now, it seems
that ACID displays the totality of what is contained in MySQL.
Is there a way to, lets say every 24 hours, dump the information
snorted in that past 24 hours into MySQL and have ACID only display
what is presently being snorted?  For example, if I activate Snort
on Monday morning at 8:30am, can I configure Snort or ACID or MySQL
to (on Tues. morning at say 8:15am) take that past 24 hours worth
of info store it away in MySQL so that ACID only displays what is
presently being Snorted, i.e. starting at 8:30 Tues morning? 
 
Any thoughts?
 
----------------------------------
Brian Ertel
Systems & Networking
Network Administrator
Amherst College
Voice: 413-542-8320
Fax:    413-542-2626
bsertel at ...4207...
----------------------------------
 
 
 
 
 
 
-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020804/b1d10063/attachment.html>


More information about the Snort-users mailing list