[Snort-users] No alerts on ACID
Patrick S. Harper
patrick at ...4250...
Mon Oct 18 03:38:02 EDT 2004
Also, if you are using RH9 you need to know that no more patches are being
released by RH, it is EOL. The fedora legacy project is doing patch
management for RH9 for as long as there is community interest and
Check out http://www.fedoralegacy.org/download/ and
http://www.fedoralegacy.org/docs/ for directions on using yum and apt with
RH9 to keep it up to date.
Patrick S. Harper | CISSP RHCT MCSE
www.ntsug.org - Snort Users Group
"If there is no light at the end of the tunnel, get down there and light the
damn thing yourself!"
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of prabu
Sent: Sunday, October 17, 2004 11:23 PM
To: support; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] No alerts on ACID
Is snort able to capture packets on ur network?.
If so,is Snort is logging alerts to ur database?
Before,running ACID,you can check whether your Snort Database is
getting all the logging details from the
senor by executing the following SQL query;
# echo "SELECT count(*) FROM event" | mysql snort_db -u root -p
Executing above query on my system,has produced the value,
Here,my MySQL database (named as snort_db) contained 4406 alerts.If
no alerts are found in the database (i.e. a 0 is returned).
This will help U,to check whether Snort is logging alerts into your Database
or not.You must check this before running ACID.
If you still find problem,right to me,I will send a simple and easier
configuration file to setup Snort-MySQL-ACID Setup.
----- Original Message -----
From: support <mailto:support at ...12306...>
To: snort-users at lists.sourceforge.net
Sent: Sunday, October 17, 2004 9:15 PM
Subject: [Snort-users] No alerts on ACID
I have done the complete installation of snort on Redhat 9 , mysql ,
php . The acid console is opening properly but there are no alerts
generating. Also I have the following line in my snort.conf file
output database: log, mysql, user=snort password=password
Is there which is missing ...need ur help
SITEL INDIA LTD.
4 A, Park Davis Complex(main)
Tel : 91-22-2820131,28522657
FAX : 91-22-28561659
*e-mail: support at ...12306... <mailto:support at ...12306...>
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.776 / Virus Database: 523 - Release Date: 10/12/2004
More information about the Snort-users