[Snort-users] Unable to run barnyard

Jeremy Hoel jthoel at ...11827...
Fri Oct 26 17:26:40 EDT 2012


Check the apache error log and see if all the php requirements are met
and everything is setup.




On Fri, Oct 26, 2012 at 9:22 PM, fashman2k1 at ...131...
<fashman2k1 at ...131...> wrote:
> Thanks Jeremy it works. But when I tried to generate alert and go to hhtp://
> 127.0.0.1..... to view report the page is blank. Now no access denial but
> blank page. Pls wat do u think?
>
> From my HTC Sensation 4G on T-Mobile. The first nationwide 4G network
>
>
> ----- Reply message -----
> From: "Jeremy Hoel" <jthoel at ...11827...>
> To: "Akinwale Fasuru" <fashman2k1 at ...131...>
> Subject: [Snort-users] Unable to run barnyard
> Date: Fri, Oct 26, 2012 4:34 pm
>
>
> replace MYPASSWORD with whatever you want.
>
> On Fri, Oct 26, 2012 at 8:32 PM, Akinwale Fasuru <fashman2k1 at ...131...>
> wrote:
>> I will replace 'MYPASSWORD'; with my own password and in upper case or am
>> I just going to type it in as 'MYPASSWORD';
>>
>>
>>
>> --- On Fri, 10/26/12, Jeremy Hoel <jthoel at ...11827...> wrote:
>>
>>> From: Jeremy Hoel <jthoel at ...11827...>
>>> Subject: Re: [Snort-users] Unable to run barnyard
>>> To: "Akinwale Fasuru" <fashman2k1 at ...131...>
>>> Cc: snort-users at lists.sourceforge.net
>>> Date: Friday, October 26, 2012, 3:13 PM
>>> log into mysql and run:
>>>
>>> grant all on snort.* to snort at ...274... identified by
>>> 'MYPASSWORD';
>>>
>>>
>>> and then make the MYPASSWORD part the same in your by2 and
>>> base configs.
>>>
>>>
>>> On Fri, Oct 26, 2012 at 7:58 PM, Akinwale Fasuru <fashman2k1 at ...131...>
>>> wrote:
>>> > I went checking the configuration in by2 for the mysql
>>> access creditials and found it to be what i cofigured it as,
>>> and still got stocked... how can i edit or change the
>>> password and then update it in by2?  guess may be i
>>> typed it in wrongly initially
>>> >
>>> >
>>> >
>>> >
>>> > --- On Fri, 10/26/12, Jeremy Hoel <jthoel at ...11827...>
>>> wrote:
>>> >
>>> >> From: Jeremy Hoel <jthoel at ...11827...>
>>> >> Subject: Re: [Snort-users] Unable to run barnyard
>>> >> To: "Akinwale Fasuru" <fashman2k1 at ...131...>
>>> >> Cc: snort-users at lists.sourceforge.net
>>> >> Date: Friday, October 26, 2012, 10:57 AM
>>> >> Well this is a different error and
>>> >> like you said, it's related to mysql.
>>> >>
>>> >> You need to log into mysql and make sure that the
>>> password
>>> >> you setup
>>> >> for the snort user in mysql, is the same that is is
>>> in the
>>> >> configs for
>>> >> by2 and base.
>>> >>
>>> >> There was a number of threads about this to weeks
>>> ago in
>>> >> regards to
>>> >> mysql troubleshooting.
>>> >>
>>> >> On Fri, Oct 26, 2012 at 3:53 PM, Akinwale Fasuru
>>> <fashman2k1 at ...131...>
>>> >> wrote:
>>> >> > Thanks Jeremy and everyone I think its work, i
>>> went
>>> >> checking the interface again. but i have this error
>>> coming
>>> >> up when i run the same command, looks like mysql
>>> >> configuration is not right i dont know what it is
>>> though..
>>> >> pls can you help.
>>> >> >
>>> >> >
>>> >> >   --== Initializing Barnyard2
>>> ==--
>>> >> > Initializing Input Plugins!
>>> >> > Initializing Output Plugins!
>>> >> > Parsing config file
>>> "/etc/snort/barnyard2.conf"
>>> >> > Log directory = /var/log/barnyard2
>>> >> > ERROR: database: mysql_error: Access denied
>>> for user
>>> >> 'snort'@'localhost' (using password: YES)
>>> >> > Fatal Error, Quitting..
>>> >> >
>>> >> >
>>> >> > I also get a similar error when I put this in
>>> the URL
>>> >> "http://127.0.0.1/base/base_main.php" Here is what i
>>> >> gath:
>>> >> >
>>> >> > Error (p)connecting to DB :
>>> snort at ...274...:3306
>>> >> >
>>> >> > Check the DB connection variables in
>>> base_conf.php
>>> >> >
>>> >> >
>>> >> = $alert_dbname   : MySQL database
>>> name where
>>> >> the alerts are stored
>>> >> >
>>> >> = $alert_host     : host where
>>> the
>>> >> database is stored
>>> >> >
>>> >> = $alert_port     : port where
>>> the
>>> >> database is stored
>>> >> >
>>> >> = $alert_user     : username
>>> into the
>>> >> database
>>> >> >
>>> >> = $alert_password : password for the username
>>> >> >
>>> >> >
>>> >> > Database ERROR:Access denied for user
>>> >> 'snort'@'localhost' (using password: YES)
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> > --- On Thu, 10/25/12, Jeremy Hoel <jthoel at ...11827...>
>>> >> wrote:
>>> >> >
>>> >> >> From: Jeremy Hoel <jthoel at ...11827...>
>>> >> >> Subject: Re: [Snort-users] Unable to run
>>> barnyard
>>> >> >> To: "Akinwale Fasuru" <fashman2k1 at ...131...>
>>> >> >> Cc: snort-users at lists.sourceforge.net
>>> >> >> Date: Thursday, October 25, 2012, 4:01 PM
>>> >> >> Can you look at  your barnyard2
>>> >> >> conf and see if there are two interface
>>> lines?
>>> >> >>
>>> >> >> The error says "ERROR:
>>> >> /etc/snort/barnyard2.conf(61) Config
>>> >> >> option
>>> >> >> "interface" can only be configured once."
>>> >> >>
>>> >> >> If you don't see it, share your config
>>> here, and
>>> >> maybe your
>>> >> >> init
>>> >> >> script or any other config sources
>>> (sysconfig,
>>> >> default,
>>> >> >> etc)
>>> >> >>
>>> >> >> On Thu, Oct 25, 2012 at 8:50 PM, Akinwale
>>> Fasuru
>>> >> <fashman2k1 at ...131...>
>>> >> >> wrote:
>>> >> >> > Hello fellows,
>>> >> >> >
>>> >> >> >     I am having
>>> issues
>>> >> running
>>> >> >> barnyard, when I try to run the command
>>> >> >> >
>>> >> >> > $ sudo barnyard2 -c
>>> >> >> >
>>> >> >> > /etc/snort/barnyard2.conf -d
>>> /var/log/snort
>>> >> -f
>>> >> >> merged.log -w
>>> >> >> >
>>> >> >> > /var/log/snort/barnyard2.waldo
>>> >> >> >
>>> >> >> > Here is what I got
>>> >> >> >
>>> >> >> >
>>>    --==
>>> >> Initializing
>>> >> >> Barnyard2 ==--
>>> >> >> >
>>> >> >> > Initializing Input Plugins!
>>> >> >> >
>>> >> >> > Initializing Output Plugins!
>>> >> >> >
>>> >> >> > Parsing config file
>>> >> "/etc/snort/barnyard2.conf"
>>> >> >> >




More information about the Snort-users mailing list