[Snort-users] Winsnort help needed!

Michael Steele michaels at ...9077...
Thu Apr 14 12:16:15 EDT 2005


There are more configurations above what you are showing in the BASE config
file. Make sure you have setup the variable to select the appropriate
database.

Kindest regards, 
Michael...

WINSNORT.com Management Team Member
-- 
Pick up your FREE Windows or UNIX Snort installation guides       
mailto:support at ...9077...
Website: http://www.winsnort.com
Snort: Open Source Network IDS - http://www.snort.org



> -----Original Message-----
> From: Peter Rodger [mailto:prodger2008 at ...131...]
> Sent: Thursday, April 14, 2005 11:26 AM
> To: michaels at ...9077...
> Subject: RE: [Snort-users] Winsnort help needed!
> 
> Michael,
> 
> Thank you so much for the reply.
> 
> Please see below the snort.conf and base config:
> 
> Here is the snort.conf output config:
> 
> 
> # database: log to a variety of databases
> # ---------------------------------------
> # See the README.database file for more information
> about configuring
> # and using this plugin.
> #
> # output database: log, mysql, user=root password=test
> dbname=db host=localhost
> # output database: alert, postgresql, user=snort
> dbname=snort
> # output database: log, odbc, user=snort dbname=snort
> # output database: log, mssql, dbname=snort user=snort
> password=test
> output database: log, mssql, dbname=snort user=snort
> password=10gg3r
> output database: alert, mssql, dbname=snort user=snort
> password=10gg3r
> # output database: log, oracle, dbname=snort
> user=snort password=test
> 
> 
> Here is the base output config:
> 
> 
>  *  output plugin configuration.
>  */
> $alert_dbname   = "snort";
> $alert_host     = "localhost";
> $alert_port     = "";
> $alert_user     = "base";
> $alert_password = "111111";
> 
> /* Archive DB connection parameters */
> $archive_dbname   = "archive";
> $archive_host     = "localhost";
> $archive_port     = "";
> $archive_user     = "base";
> $archive_password = "111111";
> 
> Let me know what I did wrong.  I am so overwhelming
> with it.
> 
> Thanks,
> 
> Peter
> 
> --- Michael Steele <michaels at ...9077...> wrote:
> 
> > Make SURE you have selected the appropriate database
> > in the BASE config
> > file.
> >
> > Kindest regards,
> > Michael...
> >
> > WINSNORT.com Management Team Member
> > --
> > Pick up your FREE Windows or UNIX Snort installation
> > guides
> > mailto:support at ...9077...
> > Website: http://www.winsnort.com
> > Snort: Open Source Network IDS -
> > http://www.snort.org
> >
> >
> > > -----Original Message-----
> > > From: snort-users-admin at lists.sourceforge.net
> > [mailto:snort-users-
> > > admin at lists.sourceforge.net] On Behalf Of Briggs,
> > Bruce
> > > Sent: Thursday, April 14, 2005 9:09 AM
> > > To: Peter Rodger
> > > Cc: snort-users at lists.sourceforge.net
> > > Subject: RE: [Snort-users] Winsnort help needed!
> > >
> > > Have you uncommented to appropriate output
> > database:  statement in
> > > snort.conf?
> > >
> > > -----Original Message-----
> > > From: Peter Rodger [mailto:prodger2008 at ...131...]
> > > Sent: Thursday, April 14, 2005 10:06 AM
> > > To: Briggs, Bruce
> > > Cc: snort-users at lists.sourceforge.net
> > > Subject: RE: [Snort-users] Winsnort help needed!
> > >
> > > Bruce,
> > >
> > > Thanks for the reply.
> > >
> > > > Did you set up IIS with the Console virtual
> > > > directory and set
> > > > base_main.php as the only Default Document?
> > > >
> > >
> > > YES.
> > >
> > > I really do not know what's wrong.  I followed the
> > > exact steps as the Guide says.
> > >
> > > If I do not have the slave sensors, I took out the
> > > sensor_name=HOSTNAME in snort.conf.  Is this
> > right?
> > >
> > > Thanks for the help and hope that anyone can point
> > me
> > > to the right direction.
> > >
> > > Peter
> > >
> > >
> > > --- "Briggs, Bruce" <Bruce.Briggs at ...13183...> wrote:
> > > > Did you set up IIS with the Console virtual
> > > > directory and set
> > > > base_main.php as the only Default Document?
> > > >
> > > > Bruce
> > > >
> > > > -----Original Message-----
> > > > From: snort-users-admin at lists.sourceforge.net
> > > > [mailto:snort-users-admin at lists.sourceforge.net]
> > On
> > > > Behalf Of Peter
> > > > Rodger
> > > > Sent: Wednesday, April 13, 2005 5:58 PM
> > > > To: snort-users at lists.sourceforge.net
> > > > Subject: [Snort-users] Winsnort help needed!
> > > >
> > > > Hi,
> > > >
> > > > I followed the installation guide for Windows
> > 2003
> > > > IIS6 winsnort by Michael E. Steele.
> > > >
> > > > I am stuck in the Base Console.  When I do
> > > > http://localhost/console/, I got nothing on the
> > > > screen.  All previous steps are OK.
> > > >
> > > > I really do not know what's wrong.  I only have
> > a
> > > > Master sensor and I did not use
> > sensor_name=HOSTNAME
> > > > in snort.conf as I do not have slave sensors.
> > > >
> > > > Any help will be welcomed.
> > > >
> > > > Thanks,
> > > >
> > > > Peter
> > > >
> > > >
> > > >
> > > > __________________________________
> > > > Do you Yahoo!?
> > > > Yahoo! Mail - Find what you need with new
> > enhanced
> > > > search.
> > > > http://info.mail.yahoo.com/mail_250
> > > >
> > > >
> > > >
> > >
> >
> -------------------------------------------------------
> > > > SF email is sponsored by - The IT Product Guide
> > > > Read honest & candid reviews on hundreds of IT
> > > > Products from real users.
> > > > Discover which products truly live up to the
> > hype.
> > > > Start reading now.
> > > >
> > >
> >
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> > > > _______________________________________________
> > > > Snort-users mailing list
> > > > Snort-users at lists.sourceforge.net
> > > > Go to this URL to change user options or
> > > > unsubscribe:
> > > >
> > >
> >
> https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > Snort-users list archive:
> > > >
> > >
> >
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > >
> > > >
> > > >
> > >
> >
> -------------------------------------------------------
> > > > SF email is sponsored by - The IT Product Guide
> > > > Read honest & candid reviews on hundreds of IT
> > > > Products from real users.
> > > > Discover which products truly live up to the
> > hype.
> > > > Start reading now.
> > > >
> > http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
> > > > _______________________________________________
> > > > Snort-users mailing list
> > > > Snort-users at lists.sourceforge.net
> > > > Go to this URL to change user options or
> > > > unsubscribe:
> > > >
> > >
> >
> https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > Snort-users list archive:
> > > >
> > >
> >
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > >
> > >
> > >
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > Yahoo! Small Business - Try our new resources
> > site!
> > > http://smallbusiness.yahoo.com/resources/
> > >
> > >
> > >
> >
> -------------------------------------------------------
> > > SF email is sponsored by - The IT Product Guide
> > > Read honest & candid reviews on hundreds of IT
> > Products from real users.
> > > Discover which products truly live up to the hype.
> > Start reading now.
> > > http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users at lists.sourceforge.net
> > > Go to this URL to change user options or
> > unsubscribe:
> > >
> >
> https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > >
> >
> http://www.geocrawler.com/redir-sf.php3?list=ort-users
> >
> >
> >
> >
> >
> >
> >
> >
> -------------------------------------------------------
> > SF email is sponsored by - The IT Product Guide
> > Read honest & candid reviews on hundreds of IT
> > Products from real users.
> >
> === message truncated ===
> 
> 
> 
> 
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! Small Business - Try our new resources site!
> http://smallbusiness.yahoo.com/resources/









More information about the Snort-users mailing list