tslighter at ...5174...
Mon Apr 28 09:59:16 EDT 2003
For those out there wishing to use snort-inline with mysql...have figured
out how to get it working
snort-inline (any version 1.91 or higher)
apache + php
acid + phplot + adodb + jpgraph
Here is what I did to make things work.
First configure regular snort as "./configure --with-mysql" and then "make"
and "make install"
next configure snort-inline as "./configure --enable-inline --with-mysql"
and "make" and "make install".
The rest of the apache + php + acid + phplot + adodb + jpgraph etc....all
those things everyone knows that stuff. Use the doc on snort.org to
configure iptables and ip_queue etc....
the key here is that regular snort MUST be configured --with-mysql.
Afterall, snort-inline is using the snort.conf file. so configure the
snort.conf file just like you were setting it up for snort + acid + mysql.
With that done, I am getting all attempted scans and exploits dropped and
they are showing up in the mysql database and on the ACID console.
That's all folks
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users