[Snort-users] 2 questions that'll keep ya sober

Turner Ryan S CONT KPWA TurnerRS at ...160...
Fri Mar 22 11:11:57 EST 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm pretty sure these aren't drinking games questions, but I guess
you guys will be the judge of that.

1) 
OS: Win2k
Snort Version: 1.8.3 & 1.8.4
Command Line: snort -d -c snort.conf  (snort.conf modified
appropriately)

Is it just me or when you use the windows installer for 1.8.3 and
1.8.4 it doesn't include MySQL database logging capabilities even
when you do a custom install and select MySQL+Flexresp support?

Cause whenever I get compiled binaries with MySQL support they work
fine and dandy (1.8.2b86, 1.8.3b92), but with the installers I get
the "MySQL not compiled into this version" error. Seems to me that if
an installer boasts a certain feature it should actually work, but
then again maybe I'm just doing something wrong.

2) 
OS: Win2k
Snort Version: 1.8.3
Command Line: snort -d -b -l E:\log

I have 2 boxes. 1 box has 2 NICs(3com 3XPs). 1 NIC in the DMZ with no
IP. the other NIC connects to the other machine via a crossover
cable. I'm trying to do a binary dump to the other box in real time.
I map the drive of the 2nd computer, and tell snort to log to that
mapped drive (E:). When I try this I get packet loss, the machine is
a 1.4Ghz P4, 512MB RAM. If I log locally no packet loss occurs.   Am
I doing something wrong? Is there a better way to do this? Does this
require a faster machine? Can snort just not handle doing something
like that? I'm looking at about 10Mbs at max of traffic and my NICs
are 100Mb. I know, I know, technically that's more than 2 questions,
but you know what I mean :)

Thanks in advance.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPJuBS6KiH6Ifk0ftEQLBIACfZYNovyWUiwBWnZfeWliIBluvI6gAoN9Q
6biENdBT5zklraGPyxThj90p
=boEL
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020322/bf4b954d/attachment.html>


More information about the Snort-users mailing list