|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Devon Harding - GTHLA (DHarding
gilatla.com)Date: Wed May 22 2002 - 09:46:24 CDT
Im running snort 1.86 w/ PureSecure. I see snort process running and the
alert file is being populated, but snort is not logging to my mysql
database.
My snort.conf looks like this....
var HOME_NET [192.168.0.0/16]
var EXTERNAL_NET ![192.168.0.0/16]
var SMTP $HOME_NET
var HTTP_SERVERS $HOME_NET
var SQL_SERVERS $HOME_NET
var DNS_SERVERS $HOME_NET
preprocessor defrag
preprocessor stream2: timeout 10, ports 21 23 80 110 143, maxbytes 16384
preprocessor unidecode: 80
preprocessor rpc_decode: 111
preprocessor bo: -nobrute
preprocessor telnet_decode
preprocessor portscan: $HOME_NET 4 3 portscan.log
preprocessor portscan-ignorehosts: $DNS_SERVERS
output database: log, mysql, user=snort dbname=snort password=snort
host=192.168.0.18 sensor_name=snort1
_____________________
Devon Harding
System Administrator
Gilat Latin America
954-858-1600
dhardinggilatla.com
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]