[Snort-users] SnortCenter v1.0-RC1 works?

SecurityAdmin at ...7345... SecurityAdmin at ...7345...
Mon Sep 15 06:32:07 EDT 2003


I get the same error as Dax, running snort 2.01 on FreeBSD 4.8 with a remote
MySQL server 3.23.57 and I've tried everything to correct it without
success.

-----Original Message-----
From: Y P Chien [mailto:ypchien at ...9824...] 
Sent: Friday, September 12, 2003 2:49 PM
To: Dax Kelson
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] SnortCenter v1.0-RC1 works?

I am wondering anybody has had SnorCenter v1.0-RC1 working at all?
I have posted similar question before regarding the problem of the "Rule
Selection" under "Sensor Configuration".

When you choose the "Rule Selection" under "Sensor Configuration", you will
get the Database Error with the following error message:

  Warning: Division by zero in /var/www/html/snortcenter/sensor_rules.php on
line 370

  As such, I was not able to configure and push rules to the Snort.conf file
on the sensor.  I was able to push all the rest configurations to the
sensor.

  Any suggestion and help we can get, will be greatly appreciated.

  YP

----- Original Message ----- 
From: "Dax Kelson" <Dax at ...10042...>
To: <snort-users at lists.sourceforge.net>
Sent: Saturday, September 06, 2003 11:20 AM
Subject: [Snort-users] SnortCenter v1.0-RC1 works?


> I was wondering if anyone has tried out SnortCenter v1.0-RC1?
>
> This is my experience so far:
>
> I was wondering if anyone can has encountered the same or gotten
> further.
>
> ===================================
>
> I'm using ADODB v372.
>
> I changed the following lines in my snortcenter/config.php.
>
> (real values changed to project the innocent)
>
> $DBlib_path     = "/var/www/adodb-372/";
> $DB_user        = "snortc";
> $DB_password    = "snortcpass";
> $hidden_key_num = "114096721009"
>
> I configured Mysql and created the schema with:
>
> # mysql snortcenter < /var/www/html/snortcenter/snortcenter_db.mysql
>
> In the SnortCenter web interface I changed my admin password and then
> did:
>
> Admin -> Import/Update Rules -> Update from Internet
>
> The follow error shows up on the screen:
>
> Database ERROR: Database ERROR:Unknown column 'byte_jump' in 'field
> list'
>
> If I grep for "byte_jump" in the snortcenter_db files I don't get any
> matches.
>
> Also, in my web server error log these entries appeared:
>
> tar: rules/attack-responses.rules: Wrote only 4096 of 10240 bytes
> tar: Skipping to next header
> tar: rules/bad-traffic.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/ddos.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/dns.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/exploit.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/icmp-info.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/imap.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/multimedia.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/nntp.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/other-ids.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/policy.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/porn.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: Archive contains obsolescent base-64 headers
> tar: rules/rservices.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/shellcode.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/snmp.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/telnet.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/web-attacks.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/web-client.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/web-frontpage.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/web-misc.rules: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/x11.rules: Wrote only 0 of 10240 bytes
> tar: rules/classification.config: Wrote only 0 of 10240 bytes
> tar: Skipping to next header
> tar: rules/reference.config: Wrote only 0 of 10240 bytes
> tar: rules/snort.conf: Wrote only 0 of 10240 bytes
> tar: Error exit delayed from previous errors
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list