[Snort-users] Install Snort on Ubuntu with mysql and SnortReports

Atkins, Dwane P ATKINSD at ...9240...
Wed Nov 10 12:47:19 EST 2010


Shane,

Thank you.  I removed the entries from the rc.local and edited this barnyard2.conf 

Rc.local:

ifconfig eth0 up
        /usr/local/snort/bin/snort -D -u snort -g snort -c /usr/local/snort/etc/snort.conf -i eth0

        /usr/local/bin/barnyard2 -c /usr/local/snort/etc/barnyard2.conf

exit 0

config logdir:              /var/log/snort
config waldo_file:          /var/log/snort
config reference_file:	    /usr/local/snort/etc/reference.config
config classification_file: /usr/local/snort/etc/classification.config
config gen_file:            /usr/local/snort/etc/gen-msg.map
config sid_file:	    /usr/local/snort/etc/sid-msg.map

config hostname:        localhost
config interface:       eth0
config alert_with_interface_name
config alert_on_each_packet_in_stream
config daemon
config decode_data_link
config dump_payload
config dump_payload_verbose
config show_year
config umask: 002

input unified2

output database: alert, mysql, user=snort password=xxxxxx dbname=snort host=localhost

I have tested the password to login using the snort and the snort password and I do have access.

This should be more than adequate, correct?

Thank you

Dwane




More information about the Snort-users mailing list