Installation & Configuration Of Intrusion Detection With Snort, ACIDBASE, MySQL, And
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Initializing Network Interface wlan0 Decoding Ethernet on interface wlan0 database: compiled support for ( mysql ) database: configured to use mysql database: user = xxxxx database: password is set database: database name = db database: host = localhost database: sensor name = 192.168.0.20 ERROR: database: mysql_error: Unknown database 'db' Fatal Error, Quitting..
I was using mysql/freepbx for my asterisk phone system but have decided not to use it and I think this 'db' database is for that. I am by no means and expert with mysql so bear with me. help
Last edited by metallica1973; 02-08-2010 at 08:16 PM.
Initializing Network Interface wlan0 Decoding Ethernet on interface wlan0 database: compiled support for ( mysql ) database: configured to use mysql database: user = xxxx database: password is set database: database name = snort database: host = localhost database: sensor name = 192.168.0.20 database: mysql_error: Table 'snort.sensor' doesn't exist database: mysql_error: Table 'snort.sensor' doesn't exist SQL=INSERT INTO sensor (hostname, interface, detail, encoding, last_cid) VALUES ('192.168.0.20','wlan0',1,0, 0) database: mysql_error: Table 'snort.sensor' doesn't exist database: Problem obtaining SENSOR ID (sid) from snort->sensor ERROR: When this plugin starts, a SELECT query is run to find the sensor id for the currently running sensor. If the sensor id is not found, the plugin will run an INSERT query to insert the proper data and generate a new sensor id. Then a SELECT query is run to get the newly allocated sensor id. If that fails then this error message is generated.
Some possible causes for this error are: * the user does not have proper INSERT or SELECT privileges * the sensor table does not exist
If you are _absolutely_ certain that you have the proper privileges set and that your database structure is built properly please let me know if you continue to get this error. You can contact me at (roman@danyliw.com).
I read that a snort-mysql has a script name create_mysql script and it will create the appropriate tables and entries. I have found the script and will see of this does the trick.
I ran the script and it all worked fine until I restarted the computer and snort will not run I checked all the services:
mysql
PHP Code:
Server version 5.1.37-1ubuntu5 Protocol version 10 Connection Localhost via UNIX socket UNIX socket /var/run/mysqld/mysqld.sock Uptime: 1 hour 16 min 54 sec
Threads: 1 Questions: 259 Slow queries: 0 Opens: 448 Flush tables: 1 Open tables: 64 Queries per second avg: 0.56
apache2
PHP Code:
* Apache is running (pid 3646)
and the error with snort when I try and start it. ????????????
PHP Code:
* Starting Network Intrusion Detection System * /etc/snort/db-pending-config file found * Snort will not start as its database is not yet configured. * Please configure the database as described in * /usr/share/doc/snort-{pgsql,mysql}/README-database.Debian * and remove /etc/snort/db-pending-config
Last edited by metallica1973; 02-09-2010 at 11:51 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.