[Snort-users] Snort, php, MySQL and acid showing no activity

Demetri Mouratis dmourati at ...3877...
Fri Aug 23 10:34:05 EDT 2002


Nmap is a easier and faster in that it doesn't require client/server
setup:

http://www.insecure.org

HTH
On Fri, 23 Aug 2002, Randy Bey wrote:

> Oh yes, you need to do something to trigger a rule. I usually just run a
> quick Nessus(tm) scan; that does it for me.
>
> If there are faster, easier ways to trip a rule, please someone let me
> know.
>
> Randy Bey
> RiverNorth Systems
> 7300 W 147th St Suite 300
> Apple Valley, MN 55124
> http://www.rivernorthsys.com
>
>
> -----Original Message-----
> From: Joshua Rogers [mailto:josh at ...6676...]
> Sent: Friday, August 23, 2002 10:24 AM
> To: Snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Snort, php, MySQL and acid showing no
> activity
>
> I just tried: /usr/local/bin/snort -c /etc/snort/snort.conf -D from the
> command line. It created an additional sensor, but still no activity in
> the
> db. Do I need to create any alerts? It seems that I can not create a
> useful
> alert until I have a traffic pattern to base it on. Am I correct in this
> assumption?
>
> Thanks,
> Joshua Rogers
> Webmaster
> InterPlanetary Web Services
> 303-940-2597
> IBO# 60092
> ----- Original Message -----
> From: "Randy Bey" <Randy.Bey at ...6683...>
> To: "Joshua Rogers" <josh at ...6676...>; <Snort-users at lists.sourceforge.net>
> Sent: Friday, August 23, 2002 9:31 AM
> Subject: RE: [Snort-users] Snort, php, MySQL and acid showing no
> activity
>
>
> Have you made sure you aren't using any -A switches on your snort
> command line? It should be as simple as:
> /usr/local/bin/snort -c /etc/snort/snort.conf -D
>
>
> Randy Bey
> RiverNorth Systems
> 7300 W 147th St Suite 300
> Apple Valley, MN 55124
> http://www.rivernorthsys.com
>
>
> -----Original Message-----
> From: Joshua Rogers [mailto:josh at ...6676...]
> Sent: Thursday, August 22, 2002 4:28 PM
> To: Snort-users at lists.sourceforge.net
> Subject: [Snort-users] Snort, php, MySQL and acid showing no activity
>
> Hi,
> I do not know what information will be helpful in showing me how to
> track
> down a problem on my system, but here goes. I am running:
> Red Hat Linux 7.3 with the latest updates
> PHP 4.2.1, register globals=on
> Apache 1.3.26
> MySQL 3.23.39
> GD 1.6.2
> The latest acid
> BCMath
>
> I followed the great doc on setting up snort-rh7-mysql, from the snort
> website. I had to make a few changes since I am running 7.3 and did not
> have
> all of the drive space shown in the doc. Somewhere along the line I
> think I
> missed something. Snort and MySQL seems to be running, the acid
> interface
> comes up fine with no errors but there is no data that shows up in the
> database or in the acid interface.
> What information would you need to help point me in the right direction
> to
> get snort recording data?
>
> Thanks,
> Joshua Rogers
> Webmaster
> InterPlanetary Web Services
> 303-940-2597
> IBO# 60092
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=urceforge1&refcode1=3390
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=ort-users
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> _________________________

---------------------------------------------------------------------
Demetri Mouratis
dmourati at ...3878...





More information about the Snort-users mailing list