RE: RE: [Snort-users] Remote Mysql
This is a discussion on RE: RE: [Snort-users] Remote Mysql within the Snort forums, part of the System Security and Security Related category; This is a multi-part message in MIME format. ------_=_NextPart_001_01C52BC7.BA46A8F1 Content-Type: text/plain; charset="us-ascii&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-18-2005
|
|||
|
|||
RE: RE: [Snort-users] Remote Mysql
This is a multi-part message in MIME format.
------_=_NextPart_001_01C52BC7.BA46A8F1 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable You just need the mysql libs, so yes, compile snort with the -mysql and it will find the mysql libs if you have them in the default location. Otherwise you may have to specify the location. As a suggestion, to be a little bit more secure, I would run stunnel between the 2 devices and let mysql run on top of that.=20 =20 Thanks, Michael Brown _____ =20 From: Salil D. [mailto:salildumbre@rediffmail.com]=20 Posted At: Friday, March 18, 2005 12:27 AM Posted To: Snort Conversation: RE: [Snort-users] Remote Mysql Subject: Re: RE: [Snort-users] Remote Mysql =20 =20 Hello Michael, I am installing snort on proxy and mysql on other host I probably need mysql client to run on the snort host any ideas ? Regards, Salil D. On Fri, 18 Mar 2005 Snort wrote : >Not necessary if you already have mysql compiled in, just change it from >localhost to the remote host IP address > >output database: alert, mysql, user=3Dunhuh dbname=3DIDS = sensor_name=3Dpffft >sid=3D11 password=3Dfreewilly host=3D10.0.0.1 > >Thanks, >Michael Brown > _____ > > From: snort-users-admin@lists.sourceforge.net >[mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of Salil D. >Posted At: Thursday, March 17, 2005 7:39 AM >Posted To: Snort >Conversation: [Snort-users] Remote Mysql >Subject: [Snort-users] Remote Mysql > > >Hello there, > >I was able to run snort with mysql both on same host >I want to configure snort with mysql on remote machine > >what should be used with ./configure --with-mysql=3D????????? > > >Thanks to all > >Salil. > > > <http://clients.rediff.com/signature/track_sig.asp> <http://clients.rediff.com/signature/track_sig.asp>=20 ------_=_NextPart_001_01C52BC7.BA46A8F1 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns=3D"http://www.w3.org/TR/REC-html40"> <head> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii"> <meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)"> <!--[if !mso]> <style> v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} ..shape {behavior:url(#default#VML);} </style> <![endif]--> <style> <!-- /* Font Definitions */ @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} a:link, span.MsoHyperlink {color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {color:blue; text-decoration:underline;} p {mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:"Times New Roman";} span.EmailStyle18 {mso-style-type:personal-reply; font-family:Arial; color:black; font-weight:normal; font-style:normal; text-decoration:none none;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.25in 1.0in 1.25in;} div.Section1 {page:Section1;} --> </style> </head> <body lang=3DEN-US link=3Dblue vlink=3Dblue> <div class=3DSection1> <p class=3DMsoNormal><font size=3D2 color=3Dblack face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:black'>You just need the mysql libs, so = yes, compile snort with the –mysql and it will find the mysql libs if = you have them in the default location. Otherwise you may have to specify the = location. As a suggestion, to be a little bit more secure, I would run stunnel = between the 2 devices and let mysql run on top of that. <o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 color=3Dblack face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:black'><o:p> </o:p></span></font></p>= <div> <p class=3DMsoNormal><font size=3D2 color=3Dblack face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:black'>Thanks,</span></font><font = color=3Dblack><span style=3D'color:black'><o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 color=3Dblack face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:black'>Michael = Brown</span></font><o:p></o:p></p> </div> <div> <div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><font = size=3D3 face=3D"Times New Roman"><span style=3D'font-size:12.0pt'> <hr size=3D2 width=3D"100%" align=3Dcenter tabindex=3D-1> </span></font></div> </div> <p class=3DMsoNormal><b><font size=3D2 face=3DTahoma><span = style=3D'font-size:10.0pt; font-family:Tahoma;font-weight:bold'>From:</span></font></b><font = size=3D2 face=3DTahoma><span style=3D'font-size:10.0pt;font-family:Tahoma'> Salil = D. [mailto:salildumbre@rediffmail.com] <br> <b><span style=3D'font-weight:bold'>Posted At:</span></b> Friday, March = 18, 2005 12:27 AM<br> <b><span style=3D'font-weight:bold'>Posted To:</span></b> Snort<br> <b><span style=3D'font-weight:bold'>Conversation:</span></b> RE: = [Snort-users] Remote Mysql<br> <b><span style=3D'font-weight:bold'>Subject:</span></b> Re: RE: = [Snort-users] Remote Mysql<br> </span></font></p> <p><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size:12.0pt'> <br> Hello Michael,<br> <br> I am installing snort on proxy and mysql on other host<br> I probably need mysql client to run on the snort host<br> any ideas ?<br> <br> Regards,<br> Salil D.<br> <br> <br> On Fri, 18 Mar 2005 Snort wrote :<br> >Not necessary if you already have mysql compiled in, just change it = from<br> >localhost to the remote host IP address<br> ><br> >output database: alert, mysql, user=3Dunhuh dbname=3DIDS = sensor_name=3Dpffft<br> >sid=3D11 password=3Dfreewilly host=3D10.0.0.1<br> ><br> >Thanks,<br> >Michael Brown<br> > _____<br> ><br> > From: snort-users-admin@lists.sourceforge.net<br> >[mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of Salil = D.<br> >Posted At: Thursday, March 17, 2005 7:39 AM<br> >Posted To: Snort<br> >Conversation: [Snort-users] Remote Mysql<br> >Subject: [Snort-users] Remote Mysql<br> ><br> ><br> >Hello there,<br> ><br> >I was able to run snort with mysql both on same host<br> >I want to configure snort with mysql on remote machine<br> ><br> >what should be used with ./configure --with-mysql=3D?????????<br> ><br> ><br> >Thanks to all<br> ><br> >Salil.<br> ><br> ><br> > = <http://clients.rediff.com/signature/track_sig.asp><o:p></o:p></spa= n></font></p> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'><br> <br> <a href=3D"http://clients.rediff.com/signature/track_sig.asp" = target=3D"_blank"><span style=3D'text-decoration:none'><img border=3D0 width=3D578 height=3D38 = id=3D"_x0000_i1025" src=3D"http://ads.rediff.com/RealMedia/ads/adstream_nx.cgi/www.rediffmail= ..com/inbox.htm@Bottom"></span></a><o:p></o:p></span></font></p> </div> </body> </html> ------_=_NextPart_001_01C52BC7.BA46A8F1-- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
