[Snort-users] errors running ACID in a Win2K configuration

Michael Steele michaels at ...9077...
Wed Jun 11 18:10:11 EDT 2003


Francesco,

You might upgrade to the latest stable version of PHP.

http://www.winsnort.com/files/support200/php4-win32-STABLE-latest.zip

Has the IDS ever worked properly with the configuration you have?

Try replacing Acid (may be corrupt).

Create the tables all over again.

Make sure that the Windows Temp folder is specified in your php.ini and the
folder has the correct permissions (Everyone Full).

Make sure that you only have one php.ini file on your system. There is
usually one in the main /php/ folder and that file will be read first, just
incase you transferred the php.ini file to the system_root folder.

All your files look good, maybe a little outdated. If you want all the
latest files, then, from your browser navigate to winsnort.com, and read the
latest installation documentation for your application and grab the files
from the list.

Cheers...

-Michael Steele
-- 
 System Engineer / Security Support Technician     
 mailto:michaels at ...9077...    
 Website: http://www.winsnort.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Francesco
Sent: Wednesday, June 11, 2003 1:02 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] errors running ACID in a Win2K configuration

I face a problem running ACID in Windows while collecting data from 
a  snort sensor in Linux.

Well, it is mainly related to some errors I get when accessing the ACID 
main page with the browser.

Let me try to explain:
- the Win2K system I use to display the results has MySQL 4.0.x installed 
and ADODB 3.40, PHP 4.3.1 and ACID acid-0.9.6b23.

I can resume the information through ACID and the main page (acid.html) is 
clean, ith no error but when I access any further page (for instance the 
snapshot of the most recent Alerts, for any protocol, 
http://127.0.0.1/acid/acid_qry_main.php?new=1&caller=last_any&num_result_row
s=-1&submit=Last%20Any), 
I have a long list of errors of this kind:

1. Notice: Uninitialized string offset: 0 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 353

2. Notice: Undefined offset: 1 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 354

3. Notice: Undefined offset: 2 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 355

4. Notice: Uninitialized string offset: 0 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 508

5. Notice: Undefined offset: 1 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 509

6. Notice: Uninitialized string offset: 0 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 183

7. Notice: Undefined index: QUERY_STRING in 
c:\inetpub\wwwroot\acid\acid_state_criteria.inc on line 380

8. Notice: Uninitialized string offset: 0 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 403

9. Notice: Uninitialized string offset: 1 in 
c:\inetpub\wwwroot\acid\acid_state_citems.inc on line 553

Is anyone easy to understand where the problem lies and help me to 
understand how to fix?


Thanks in advance for your help,
Francesco



-------------------------------------------------------
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users







More information about the Snort-users mailing list