[Snort-users] Winsnort help needed!

Peter Rodger prodger2008 at ...131...
Thu Apr 14 11:29:16 EDT 2005


Please see below the snort.conf and base config:

Here is the snort.conf output config:


# database: log to a variety of databases
# ---------------------------------------
# See the README.database file for more information
about configuring
# and using this plugin.
#
# output database: log, mysql, user=root password=test
dbname=db host=localhost
# output database: alert, postgresql, user=snort
dbname=snort
# output database: log, odbc, user=snort dbname=snort
# output database: log, mssql, dbname=snort user=snort
password=test
output database: log, mssql, dbname=snort user=snort
password=10gg3r
output database: alert, mssql, dbname=snort user=snort
password=10gg3r
# output database: log, oracle, dbname=snort
user=snort password=test


Here is the base output config:


 *  output plugin configuration.
 */
$alert_dbname   = "snort";
$alert_host     = "localhost";
$alert_port     = "";
$alert_user     = "base";
$alert_password = "111111";

/* Archive DB connection parameters */
$archive_dbname   = "archive";
$archive_host     = "localhost";
$archive_port     = "";
$archive_user     = "base";
$archive_password = "111111";

Let me know what I did wrong.  I am so overwhelming
with it.

Thanks,

Peter

--- "Briggs, Bruce" <Bruce.Briggs at ...13183...> wrote:
> Have you uncommented to appropriate output database:
>  statement in
> snort.conf? 
> 
> -----Original Message-----
> From: Peter Rodger [mailto:prodger2008 at ...131...] 
> Sent: Thursday, April 14, 2005 10:06 AM
> To: Briggs, Bruce
> Cc: snort-users at lists.sourceforge.net
> Subject: RE: [Snort-users] Winsnort help needed!
> 
> Bruce,
> 
> Thanks for the reply.
> 
> > Did you set up IIS with the Console virtual
> > directory and set
> > base_main.php as the only Default Document?
> > 
> 
> YES.  
> 
> I really do not know what's wrong.  I followed the
> exact steps as the Guide says.  
> 
> If I do not have the slave sensors, I took out the
> sensor_name=HOSTNAME in snort.conf.  Is this right?
> 
> Thanks for the help and hope that anyone can point
> me
> to the right direction.
> 
> Peter 
> 
> 
> --- "Briggs, Bruce" <Bruce.Briggs at ...13183...> wrote:
> > Did you set up IIS with the Console virtual
> > directory and set
> > base_main.php as the only Default Document?
> > 
> > Bruce
> > 
> > -----Original Message-----
> > From: snort-users-admin at lists.sourceforge.net
> > [mailto:snort-users-admin at lists.sourceforge.net]
> On
> > Behalf Of Peter
> > Rodger
> > Sent: Wednesday, April 13, 2005 5:58 PM
> > To: snort-users at lists.sourceforge.net
> > Subject: [Snort-users] Winsnort help needed!
> > 
> > Hi,
> > 
> > I followed the installation guide for Windows 2003
> > IIS6 winsnort by Michael E. Steele.  
> > 
> > I am stuck in the Base Console.  When I do
> > http://localhost/console/, I got nothing on the 
> > screen.  All previous steps are OK.
> > 
> > I really do not know what's wrong.  I only have a
> > Master sensor and I did not use
> sensor_name=HOSTNAME
> > in snort.conf as I do not have slave sensors.
> > 
> > Any help will be welcomed.
> > 
> > Thanks,
> > 
> > Peter
> > 
> > 
> > 		
> > __________________________________ 
> > Do you Yahoo!? 
> > Yahoo! Mail - Find what you need with new enhanced
> > search. 
> > http://info.mail.yahoo.com/mail_250
> > 
> > 
> >
>
-------------------------------------------------------
> > SF email is sponsored by - The IT Product Guide
> > Read honest & candid reviews on hundreds of IT
> > Products from real users.
> > Discover which products truly live up to the hype.
> > Start reading now.
> >
>
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or
> > unsubscribe:
> >
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> >
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > 
> > 
> >
>
-------------------------------------------------------
> > SF email is sponsored by - The IT Product Guide
> > Read honest & candid reviews on hundreds of IT
> > Products from real users.
> > Discover which products truly live up to the hype.
> > Start reading now.
> >
> http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or
> > unsubscribe:
> >
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> >
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > 
> 
> 
> 		
> __________________________________ 
> Do you Yahoo!? 
> Yahoo! Small Business - Try our new resources site!
> http://smallbusiness.yahoo.com/resources/
> 


		
__________________________________ 
Do you Yahoo!? 
Make Yahoo! your home page 
http://www.yahoo.com/r/hs




More information about the Snort-users mailing list