From: vicky Mair (vickyr_at_socal.rr.com)
Date: Wed Jan 22 2003 - 01:18:28 CST

    hi there,

    for some reason which i can't seem to nail it, ACID console is not able to
    display alerts even though "/etc/snort/alert" is being generated with valid
    data through some test (nmap, pings...etc) that i performed.

    my snort process (ps) shows:
    /usr/sbin/snort -A fast -b -l /var/log/snort -d -D -i eth0 -c /etc

    snort.conf has database statement as follows:
    output database: alert, mysql, user=root dbname=snort host=192.168.2.102

    when i bring up my ACID via the following url i login as user "admin"

    http://localhost/acid/acid_main.php

    shows database: snortlocahost
    time window: no alert detected

    traffic profile by protocol shows all zeros.

    btw, i followed steven scott's manual at
    http://www.snort.org/docs/snort-rh7-mysql-ACID-1-5.pdf which ....see page 20
    for more info.

    please let me know if you need any further information.....any insight will
    be appreciated.

    tia,
    /vicky

    _______________________________________________
    Snort-users mailing list
    Snort-userslists.sourceforge.net