[Snort-users] Snort 2.0 as a Windows Service??

Michael Steele michaels at ...155...
Wed Apr 23 08:48:15 EDT 2003


Russ,

Concerning the / in the documentation, they are correct. The
documentation may work with \ but I have not tested it. Some of the
programs were either converted from UNIX or are native UNIX but work
with Windows. I believe there is a warning in the docs that state
something to the effect that if the docs specify / not to use a \ or the
install may break.

-Michael
-- 
 Michael Steele | System Engineer / Support Technician     
 mailto:michaels at ...155...    
 Silicon Defense - The Cyber-War Defense Company
 Website: http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Uhte, Russ
Sent: Wednesday, April 23, 2003 5:37 AM
To: 'kerberos K'; 'snort-users at lists.sourceforge.net'
Subject: RE: [Snort-users] Snort 2.0 as a Windows Service??


> Here is the output from that command:
> 
> C:\Snort\snort\bin>snort -c c:\snort\snort\etc\snort.conf -l 
> c:\snort\snort\log -h 10.0.1.0.0/24 -
> Running in IDS mode
> Log directory = c:\snort\snort\log
> 
> Initializing Network Interface 
> \Device\NPF_{2B69D982-02F2-4669-B6F4-A80FB5340CAB}
> 
>         --== Initializing Snort ==--
> Initializing Output Plugins!
> Decoding Ethernet on interface 
> \Device\NPF_{2B69D982-02F2-4669-B6F4-A80FB5340CAB}
> Initializing Preprocessors!
> Initializing Plug-ins!
> Parsing Rules file c:\snort\snort\etc\snort.conf
<..SNIP..>
> database: compiled support for ( mysql odbc )
> database: configured to use mysql
> database:          user = snort
> database: password is set
> database: database name = snort
> database:          host = 127.0.0.1
> database:          port = 3306
> database:   sensor name = Websrv15e
> database:     sensor id = 2
> database: schema version = 106
> database: using the "alert" facility
> database: compiled support for ( mysql odbc )
> database: configured to use mysql
> database:          user = snort
> database: database name = snort
> database:          host = 127.0.0.1
> database:          port = 3306
> database:   sensor name = Websrv15e
> ERROR: database: mysql_error: Access denied for user: 
> 'snort at ...263...' 
> (Using password: NO)
> Fatal Error, Quitting..

In your snort.conf file, do you have the proper username/password setup
for
your database?  I think what I would do from here is grab the
winsnortiis.pdf file from SiliconDefense and start at page 8.  Make sure
you
change your database output lines in snort.conf as shown on page 6 to
reflect the users that you create in the database.  See where that takes
you, and let me know.  

Also, Michael, if your reading this, I noticed a couple places in that
documentation that had "/" when they should have been "\".  I'd be happy
to
point those out to you if you would like.  Awesome document!!  Great
work!!

-Russ


---
CONFIDENTIALITY NOTICE: This email and any attachments are for the
exclusive
and confidential use of the intended recipient. If you are not the
intended
recipient, please do not read, distribute or take action in reliance
upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users







More information about the Snort-users mailing list