Nope...same results. What is interesting is that after I made the change in
snort.conf and stopped and restarted snort I did get one ICMP alert and that
was it...and I know this can't be the only traffic out there because if I do
a tcpdump on that interface I see a lot of traffic. I'm thinking perhaps I
need to re-install/re-configure the mysql database...any thoughts?
Vito
From: Paul Dokas <dokas@cs.umn.edu>
Reply-To: dokas@cs.umn.edu
To: "b7time b7time" <b7time@hotmail.com>
CC: snort-users@lists.sourceforge.net
Subject: Re: [Snort-users] Updated to Snort 2.2.0 and now nothing is being
written to Acid
Date: Mon, 23 Aug 2004 15:01:08 -0500
On Tue, 17 Aug 2004 22:20:58 +0000 "b7time b7time" <b7time@hotmail.com>
wrote:
> output database: log, mysql, user=snort password=password dbname=snort
host=localhost
Try this:
output database: alert, mysql, user=snort password=password dbname=snort
host=localhost
I was bit by the same problem.
Paul
--
Paul Dokas dokas@cs.umn.edu
======================================================================
Don Juan Matus: "an enigma wrapped in mystery wrapped in a tortilla."
_________________________________________________________________
Don�t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
