[Snort-users] RE:[Snort-users] Remote Sensor??

kerberos K kerberos_k at ...125...
Fri Dec 5 14:31:02 EST 2003


Still having problems after reading Michael's article... I know what the 
problem is (I think), just not exactly sure how to fix it.

I know I need to add the remote sensor to the MySQL database with the 
appropriate rights, I.E. "SELECT, INSERT, & UPDATE". However, I am not sure 
of the proper syntax...

I KNOW, I KNOW, I'm reading the manual now...

;)

--Kerb

>From: <wfz at ...7588...>
>Reply-To: <wfz at ...7588...>
>To: <snort-users at lists.sourceforge.net>
>Subject: [Snort-users] RE:[Snort-users] Remote Sensor??
>Date: Fri, 05 Dec 2003 16:28:29 -0300
>
>K Kerberos:
>
>Be sure that the MySQL database has an appropiate user with select and 
>insert privileges for the new sensor.
>Follow Michael Steele´s guide on adding a W2K remote sensor:
>
>http://www.winsnort.com/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=13&page=1
>
>-do it item by item, and you won´t fail, it´s quite a good reference-.
>
>Good luck.
>
>
>
>-- Mensaje Original --
>Enviado por: kerberos K <kerberos_k at ...125...>
>Fecha: 05/12/2003 18:22:33
>Para: <snort-users at lists.sourceforge.net>
>Título: [Snort-users] Remote Sensor??
>
>Hello all,
>
>I have Snort 2.0.4 running on a single windows 2000 machine, with a local
>MySQL database and using ACID to display the results. Everything is working
>great. Now, I'm trying to add an additional sensor to my configuration.
>
>On the remote machine, I have installed Snort, configured it to run as a
>Win2k Service, edited my Snort.conf file, and used the existing MySQL
>database as the "ouput plugin". However, when I attempt to connect to the
>remote database, I get an error, saying
>
>" E♦Host '198.1.xxx.xxx' is not allowed to connect to this MySQL
>server
>
>Connection to host lost."
>
>On the remote machine running MySQL, I have ensured that the 'My.ini" file
>"bind-address" is commented out, and I have checked the Snort /Service
>/Install Parameters to ensure that they are correct...
>
>Any suggestions?
>
>TIA
>
>_________________________________________________________________
>Get holiday tips for festive fun.
>http://special.msn.com/network/happyholidays.armx
>
>
>
>-------------------------------------------------------
>This SF.net email is sponsored by: IBM Linux Tutorials.
>Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
>Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
>Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>__________________________________________________
>
>Todavía no tenés tu Ciudad Internet Mail? Obtenelo ahora! - 
>http://webmail.ciudad.com.ar
>
>Descargá Gratis el nuevo Internet Explorer 6.0, el mejor software para 
>actualizar tu PC.
>http://www.ciudad.com.ar/ar/servicios/ie/
>
>
>
>-------------------------------------------------------
>This SF.net email is sponsored by: IBM Linux Tutorials.
>Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
>Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
>Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users

_________________________________________________________________
Our best dial-up offer is back.  Get MSN Dial-up Internet Service for 6 
months @ $9.95/month now! http://join.msn.com/?page=dept/dialup





More information about the Snort-users mailing list