[Snort-users] snort

sanaâ Aitouchen sanaa52 at ...125...
Wed Apr 7 11:55:22 EDT 2004



think you for your help,
all things work well know but the problem is when i want to use snort in
mode NIDS i must change the directory of mysql.sock in  my.cnf file from
/tmp/mysql.sock to /var/lib/mysql/mysql.sock as knowing as the mysql.sock
directory file is /tmp/mysql.sock so i did a link in /var/lib/mysql/ to
/tmp/mysql.sock and it worked but when i wont to use Acid it gaves me this
error:


Warning: mysql_pconnect(): Can't connect to local MySQL server through
socket '/tmp/mysql.sock' (111) in
/www/htdocs/adodb/drivers/adodb-mysql.inc.php on line 266

Error (p)connecting to DB : snort at ...274...
to resolve this problem i must change the directory from
/var/lib/mysql/mysql.sock  to /tmp/mysql.sock in my.cnf file and it 
workedbut the same for snort

so to resolve this problem when i wont to use snort i start mysql with:
mysqld_safe --socket=/var/lib/mysql/mysql.sock

and when i wont to use acid i restart mysql with:
mysqld_safe --socket=/tmp/mysql.sock

i know, it's a stuped solution so please if you have another solution please
   write it to me

think you for your help

sanaa

>
> >From: Mark.Schutzmann at ...10438...
> >To: sanaâ Aitouchen <sanaa52 at ...125...>
> >CC: ravivsn at ...9637...,snort-users at lists.sourceforge.net
> >Subject: Re: [Snort-users] Snort en mode NIDS
> >Date: Mon, 5 Apr 2004 12:10:08 -0500
> >
> >
> >Dejavue!
> >cp <snort installation directory>/etc/unicode.map /etc/snort/unicode.map
> >vi /etc/snort/snort.conf
> >  goto line 285, modify the line to point to the /etc/snort/unicode.map.
> >
> >Mark
> >
> >
> >
> >                       sanaâ Aitouchen
> >                       <sanaa52 at ...125...>               To:
> >ravivsn at ...9637..., snort-users at lists.sourceforge.net
> >                       Sent by:                            cc:
> >                       snort-users-admin at ...4626...        Subject:  Re:
> >[Snort-users] Snort en mode NIDS
> >                       ceforge.net
> >
> >
> >                       03/29/2004 11:00 AM
> >
> >
> >
> >
> >
> >
> >i'have problem when i wont to use snort in mode NIDS, and when i type
> >shel>snort -l /var/log -h 10.100.11.0/24 -c /etc/snort/snort.conf
> >
> >Running in IDS mode
> >Log directory = /var/log
> >Initializing Network Interface eth0
> >
> >         --== Initializing Snort ==--
> >Initializing Output Plugins!
> >Decoding Ethernet on interface eth0
> >Initializing Preprocessors!
> >Initializing Plug-ins!
> >Parsing Rules file /etc/snort/snort.conf
> >
> >+++++++++++++++++++++++++++++++++++++++++++++++++++
> >Initializing rule chains...
> >,-----------[Flow Config]----------------------
> >| Stats Interval:  0
> >| Hash Method:     2
> >| Memcap:          10485760
> >| Rows  :          4099
> >| Overhead Bytes:  16400(%0.16)
> >`----------------------------------------------
> >No arguments to frag2 directive, setting defaults to:
> >     Fragment timeout: 60 seconds
> >     Fragment memory cap: 4194304 bytes
> >     Fragment min_ttl:   0
> >     Fragment ttl_limit: 5
> >     Fragment Problems: 0
> >     Self preservation threshold: 500
> >     Self preservation period: 90
> >     Suspend threshold: 1000
> >     Suspend period: 30
> >Stream4 config:
> >     Stateful inspection: ACTIVE
> >     Session statistics: INACTIVE
> >     Session timeout: 30 seconds
> >     Session memory cap: 8388608 bytes
> >     State alerts: INACTIVE
> >     Evasion alerts: INACTIVE
> >     Scan alerts: INACTIVE
> >     Log Flushed Streams: INACTIVE
> >     MinTTL: 1
> >     TTL Limit: 5
> >     Async Link: 0
> >     State Protection: 0
> >     Self preservation threshold: 50
> >     Self preservation period: 90
> >     Suspend threshold: 200
> >     Suspend period: 30
> >Stream4_reassemble config:
> >     Server reassembly: INACTIVE
> >     Client reassembly: ACTIVE
> >     Reassembler alerts: ACTIVE
> >     Zero out flushed packets: INACTIVE
> >     flush_data_diff_size: 500
> >     Ports: 21 23 25 53 80 110 111 143 513 1433
> >     Emergency Ports: 21 23 25 53 80 110 111 143 513 1433
> >ERROR: /etc/snort/snort.conf(285) => Invalid file name for IIS Unicode 
>Map
> >file.
> >Fatal Error, Quitting..
> >
> >so where is the problem and how i can resolve it ,
> >thinks
> >
> >_________________________________________________________________
> >MSN Search, le moteur de recherche qui pense comme vous !
> >http://search.msn.fr/worldwide.asp
> >
> >
> >
> >-------------------------------------------------------
> >This SF.Net email is sponsored by: IBM Linux Tutorials
> >Free Linux tutorial presented by Daniel Robbins, President and CEO of
> >GenToo technologies. Learn everything from fundamentals to system
> >administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
> >_______________________________________________
> >Snort-users mailing list
> >Snort-users at lists.sourceforge.net
> >Go to this URL to change user options or unsubscribe:
> >https://lists.sourceforge.net/lists/listinfo/snort-users
> >Snort-users list archive:
> >http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> >
> >
> >
> >
>
>_________________________________________________________________
>MSN Messenger : discutez en direct avec vos amis !
>http://www.msn.fr/msger/default.asp
>
>
>--
>MySQL General Mailing List
>For list archives: http://lists.mysql.com/mysql
>To unsubscribe:    
>http://lists.mysql.com/mysql?unsub=palmtreeFRB@...741...
>  

_________________________________________________________________
MSN Search, le moteur de recherche qui pense comme vous ! 
http://search.msn.fr/worldwide.asp





More information about the Snort-users mailing list