[Snort-users] Create ACID AG

Naveen C Joshi naveen_joshi at ...11009...
Tue Apr 27 05:18:01 EDT 2004


Hi,

Settings on acid_conf.php is absolutely correct.  All the paths are correct.

My snort installation is using RPMs but I changed all the necessary changes
on the conf file.


Finally, I was unable to get it correct and then I created those 4 tables
manually (from command line) as I have the demo server also. Its working now
but it seems that there are some problems in configuration as below:

1.	When I choose the ADMIN-->Import/Update Rules--->Update from internet
	It says "No update this time....."
2.	When I choose the Resources-->Rules-->View Rules
	It does not show me the rules. Even the window shows me error "Database
ERROR:Unknown column 'byte_jump' in 'field list'"
3.	In my front screen there are 6 column (Sensor console, Sensor Config,
Resources, Admin, Alert console, Logout)
	But the screen shot given in net(http://users.pandora.be/larc/screenshots/)
show one another windows having different column name ( Sensor console,
Rules, config type, Admin, Alert console, logout. How Can I get this
windows?

Please suggest me, Is the manually creation of Acid table is correct or not?
While the acid windows is working fine and showing me the events and alerts.

Best Regards

Naveen





-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Nick Oliver
Sent: Monday, April 26, 2004 7:01 PM
To: Naveen C Joshi; Harper, Patrick; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Create ACID AG



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you used Patricks paper and followed the installation instructions
regarding the Apache install, the proper directory should be

> $DBlib_path = "/www/htdocs/adodb";

and

> $ChartLib_path = "/www/htdocs/jpgraph-1.14/src";

The paths you show in your .conf file are based upon a default, .rpm,
installation.  His paper has you installing Apache in a custom
location.
nwo

- ----- Original Message -----
From: "Naveen C Joshi" <naveen_joshi at ...11009...>
To: "Harper, Patrick" <patrick.harper at ...11593...>;
<snort-users at lists.sourceforge.net>
Sent: Monday, April 26, 2004 6:56 AM
Subject: RE: [Snort-users] Create ACID AG


> Hi All :
>
> Please help me on this topic, I am still facing same problem.
>
> Regards
>
> Naveen
>
>
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Naveen
> C Joshi
> Sent: Tuesday, April 20, 2004 10:35 AM
> To: Harper, Patrick; snort-users at lists.sourceforge.net
> Subject: RE: [Snort-users] Create ACID AG
>
>
> Dear Harper,
>
> I am using doucment "snort_acid_rh9.pdf" and "acid_config.html".
> As I found on snort db there are 19 tables before and after of this
> process, and when I go back to the acid main page it again ask for
> to click on setup page and create the table.  It does not show any
> graph.
>
> I am using mysql database. Web browser means server(apache).   I am
> using IE 6, even two days back I have configured the demo setup and
> there was no problem at all.
>
>
> ################   acid_conf.php #######################
> $DBlib_path = "/var/www/html/adodb";
>
> $DBtype = "mysql";
>
> $alert_dbname   = "snort";
> $alert_host     = "localhost";
> $alert_port     = "";
> $alert_user     = "snort";
> $alert_password = "snort";
>
> /* Archive DB connection parameters */
>
> $archive_dbname   = "snort";
> $archive_host     = "localhost";
> $archive_port     = "";
> $archive_user     = "snort";
> $archive_password = "snort";
> $db_connect_method = 1;
>
> $db_connect_method = 1;
>
> $use_referential_integrity = 0;
>
> $ChartLib_path = "/var/www/html/jpgraph-1.14/src";
> $chart_file_format = "png";
>
> Thanks for your kind consideration.
>
> Regards
>
> Naveen
>
>
>
>
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of
> Harper, Patrick
> Sent: Monday, April 19, 2004 9:16 PM
> To: Naveen C Joshi; snort-users at lists.sourceforge.net
> Subject: RE: [Snort-users] Create ACID AG
>
>
> What document are you referring to that you set this up per? (you
> mention using one but not which one)
>
> After you click on the setup button in acid how many tables do you
> have in the snort database?  When you go back to the main acid page
> does it still tell you that you have to set up the tables? Or do
> you get the graphs?  What database are you using?
>
> Also, you web browser is what?  Did you mean server? :)
>
>
>
>
> -----Original Message-----
> From: Naveen C Joshi
> [mailto:naveen_joshi at ...11009...] Sent: Monday,
> April 19, 2004 8:07 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Create ACID AG
>
> Hi All :
>
> I have installed snort and all the supporting packages on the
> Redhat 9.0.
> When I installed the ACID and it ask for to click on "Setup page"
> and than we get another web page for creating ACID tables  and
> again ask to click on "Create ACID AG" .  In my installation when I
> click on the "Create ACID AG"
> button it does not show any action and even does not create the
> tables on the database "snort".  While the database is configred as
> per the document and  I checked it twice and thrice.
>
> acid_conf.php also confiured as per the docuement.
>
> My web browser is Apache and php installed which comes with RedHat
> 9.0 by default.
>
> php-ldap-4.2
> php-pgsql-4.2
> php-imap-4.2
> php-mysql-4.2
> php-4.2
> php-odbc-4
>
> Snort-2.1 as RPM
>
> Please help me to get this activate.
>
> Regards
>
> naveen]
>
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux
> tutorial presented by Daniel Robbins, President and CEO of GenToo
> technologies. Learn everything from fundamentals to system
> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=clic
> k _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>
>
>
> Disclaimer:
> This electronic message, including any attachments, is confidential
> and intended solely for use of the intended recipient(s). This
> message may contain information that is privileged or otherwise
> protected from disclosure by applicable law. Any unauthorized
> disclosure, dissemination, use or reproduction is strictly
> prohibited. If you have received this message in error, please
> delete it and notify the sender immediately.
>
>
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO
> of GenToo technologies. Learn everything from fundamentals to
> system
> administration.http://ads.osdn.com/?ad_id70&alloc_id638&opLk
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO
> of GenToo technologies. Learn everything from fundamentals to
> system
> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=clic
> k _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
> For a limited time only, get FREE Ground shipping on all orders of
> $35 or more. Hurry up and shop folks, this offer expires April
> 30th!
> http://www.thinkgeek.com/freeshipping/?cpg=12297
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBQI0PEYh2YiHWR3orEQLUtQCfUDtCh3SzKD4+xMa65VQMhI4rk0MAn1hK
fKahRcTcMZiZ1mGF1osW8MNp
=UmcR
-----END PGP SIGNATURE-----



-------------------------------------------------------
This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
For a limited time only, get FREE Ground shipping on all orders of $35
or more. Hurry up and shop folks, this offer expires April 30th!
http://www.thinkgeek.com/freeshipping/?cpg=12297
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list