[Snort-users] question regarding snort, acid, mysql, and redhat 7.3
bob.dixon at ...4371...
Sat Oct 26 17:57:02 EDT 2002
I'm trying to get snort working with mysql and acid. I think that I am
following the directions to set this up, but apparently I am missing
something (probably really simple). Snort works fine from a command
line. Also, apache is up. But when I go to what should be my ACID page
(http://10.0.0.2/acid/index.html), all I get is:
Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
I get the same result going to http://10.0.0.2/acidviewer/index.html).
Any idea what might be wrong? I am trying to follow Steven Scott's
guide, but I am obviously missing something here.
Also, have 2 NIC's. Eth0 is 10.0.0.2 and eth1 is unnumbered. Snort seems
to try and run on eth0, but I think it should be running on eth1. Is
this correct? I am using the snortd script suggested by Steven in his
pdf, and I have configured "INTERFACE=eth1 " in the script. However,
/var/log/messages shows that snort is putting eth0 into promiscuous mode
each time I run "snortd start". Does this sound correct?
I have been trying to go over the details of this for several days to
see if I have missed something simple, but I can't find out what I am
doing wrong. If anyone here has any ideas, I would really appreciate it.
Thanks for your time,
BTW- Here are the versions of software that I am running.
More information about the Snort-users