Re: [Snort-users] This is a new one
This is a discussion on Re: [Snort-users] This is a new one within the Snort forums, part of the System Security and Security Related category; This is a multi-part message in MIME format. --===============0938176150== Content-class: urn:content-classes:message Content-Type: multipart/alternative; ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
07-28-2007
|
|||
|
|||
Re: [Snort-users] This is a new one
This is a multi-part message in MIME format.
--===============0938176150== Content-class: urn:content-classes:message Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C7D0A8.92BE6995" This is a multi-part message in MIME format. ------_=_NextPart_001_01C7D0A8.92BE6995 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable When I created the snort device, I untarred in a directory call /root/snortinstall. I have the snort-2.6.15 and the snort-snortsam-2.6.1.5 directory. Do I do the make distclean in the snort or snortsam directory? =20 Dwane =20 ________________________________ From: Will Metcalf [mailto:william.metcalf@gmail.com]=20 Sent: Friday, July 27, 2007 6:46 PM To: Atkins, Dwane P Cc: Matt Jonkman; Snort-users@lists.sourceforge.net Subject: Re: [Snort-users] This is a new one =20 make distclean && ./configure --with-mysql On 7/27/07, Atkins, Dwane P <ATKINSD@uthscsa.edu> wrote:=20 I did recompile and still go the same message. I download the tarball that Will sent out and then I did a ./configure, make and make install.=20 I then noticed the error and did a ./configure --with-mysql --enable-dynamicplugins, make and make install and still received the same error. Any ideas will be helpful. Thanks Dwane -----Original Message-----=20 From: Matt Jonkman [mailto:jonkman@bleedingthreats.net] Sent: Friday, July 27, 2007 5:58 PM To: Will Metcalf Cc: Atkins, Dwane P; Snort-users@lists.sourceforge.net Subject: Re: [Snort-users] This is a new one Looks like you need to compile with --with-mysql. Will Metcalf wrote: > What exactly did you download? > > Regards,=20 > > Will > > > On 7/27/07, *Atkins, Dwane P* <ATKINSD@uthscsa.edu > <mailto:ATKINSD@uthscsa.edu>> wrote:=20 > > Jul 27 11:29:52 Wilbur snort[3024]: FATAL ERROR: If this build of > snort was obtained as a binary distribution (e.g., rpm, or Windows), > then check for alternate builds that contains the necessary=20 'mysql' > support. If this build of snort was compiled by you, then re-run > the ./configure script using the '--with-mysql' switch. For > non-standard installations of a database, the '--with-mysql=3DDIR' = > syntax may need to be used to specify the base directory of the DB > install. See the database documentation for cursory details > (doc/README.database). and the URL to the most recent database=20 > plugin documentation. > > > > I recently installed the latest snortsam patches and I have a > feeling that the new patch installs snort. I am trying to find out > how to get around this. Maybe someone can help.=20 > > > > Dwane > > > > > > > ------------------------------------------------------------------------ - > This SF.net email is sponsored by: Splunk Inc.=20 > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net=20 > <mailto:Snort-users@lists.sourceforge.net> > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users > <https://lists.sourceforge.net/lists/...ersSnort-users > > list archive: > http://www.geocrawler.com/redir-sf.p...=3Dsnort-users > < http://www.geocrawler.com/redir-sf.p...=3Dsnort-users <http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users> > > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ - > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > > > ------------------------------------------------------------------------ > > _______________________________________________=20 > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...snort-users=20 -- -------------------------------------------- Matthew Jonkman Bleeding Edge Threats US Phone 765-429-0398 US Fax 312-264-0205 AUS Phone 61-42-4157-491 AUS Fax 61-29-4750-026 http://www.bleedingthreats.net -------------------------------------------- PGP: http://www.bleedingthreats.com/mattjonkman.asc =20 ------_=_NextPart_001_01C7D0A8.92BE6995 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:st1=3D"urn:schemas-microsoft-com:office:smarttags" = xmlns=3D"http://www.w3.org/TR/REC-html40"> <head> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii"> <meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)"> <!--[if !mso]> <style> v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} ..shape {behavior:url(#default#VML);} </style> <![endif]--><o:SmartTagType namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags" = name=3D"City"/> <o:SmartTagType = namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags" name=3D"place"/> <o:SmartTagType = namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags" name=3D"PersonName"/> <!--[if !mso]> <style> st1\:*{behavior:url(#default#ieooui) } </style> <![endif]--> <style> <!-- /* Font Definitions */ @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} a:link, span.MsoHyperlink {color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {color:blue; text-decoration:underline;} span.EmailStyle18 {mso-style-type:personal-reply; font-family:Arial; color:navy;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.25in 1.0in 1.25in;} div.Section1 {page:Section1;} --> </style> </head> <body lang=3DEN-US link=3Dblue vlink=3Dblue> <div class=3DSection1> <p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:navy'>When I created the snort device, I untarred in a directory call /root/snortinstall. I have the = snort-2.6.15 and the snort-snortsam-2.6.1.5 directory. Do I do the make distclean = in the snort or snortsam directory?<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:navy'>Dwane<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span = style=3D'font-size: 10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p> <div> <div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><font = size=3D3 face=3D"Times New Roman"><span style=3D'font-size:12.0pt'> <hr size=3D2 width=3D"100%" align=3Dcenter tabindex=3D-1> </span></font></div> <p class=3DMsoNormal><b><font size=3D2 face=3DTahoma><span = style=3D'font-size:10.0pt; font-family:Tahoma;font-weight:bold'>From:</span></font></b><font = size=3D2 face=3DTahoma><span style=3D'font-size:10.0pt;font-family:Tahoma'> Will = Metcalf [mailto:william.metcalf@gmail.com] <br> <b><span style=3D'font-weight:bold'>Sent:</span></b> Friday, July 27, = 2007 6:46 PM<br> <b><span style=3D'font-weight:bold'>To:</span></b> Atkins, Dwane P<br> <b><span style=3D'font-weight:bold'>Cc:</span></b> Matt Jonkman; = <st1:PersonName w:st=3D"on">Snort-users@lists.sourceforge.net</st1:PersonName><br> <b><span style=3D'font-weight:bold'>Subject:</span></b> Re: = [Snort-users] This is a new one</span></font><o:p></o:p></p> </div> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'><o:p> </o:p></span></font></p> <p class=3DMsoNormal style=3D'margin-bottom:12.0pt'><font size=3D3 face=3D"Times New Roman"><span style=3D'font-size:12.0pt'>make distclean = && ../configure --with-mysql<o:p></o:p></span></font></p> <div> <p class=3DMsoNormal><span class=3Dgmailquote><font size=3D3 = face=3D"Times New Roman"><span style=3D'font-size:12.0pt'>On 7/27/07, <b><span = style=3D'font-weight:bold'>Atkins, Dwane P</span></b> <<a = href=3D"mailto:ATKINSD@uthscsa.edu">ATKINSD@uthscs a.edu</a>> wrote: </span></font></span><o:p></o:p></p> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'>I did recompile and still go the same message. I = download the tarball<br> that Will sent out and then I did a ./configure, make and make install. = <br> I then noticed the error and did a ./configure --with-mysql<br> --enable-dynamicplugins, make and make install and still received = the<br> same error.<br> <br> Any ideas will be helpful.<br> <br> Thanks<br> <br> Dwane<br> <br> -----Original Message----- <br> From: Matt Jonkman [mailto:<a = href=3D"mailto:jonkman@bleedingthreats.net">jonkma n@bleedingthreats.net</= a>]<br> Sent: Friday, July 27, 2007 5:58 PM<br> To: Will Metcalf<br> Cc: Atkins, Dwane P; <a = href=3D"mailto:Snort-users@lists.sourceforge.net">Snort-users@lists.sourc= eforge.net</a><br> Subject: Re: [Snort-users] This is a new one<br> <br> Looks like you need to compile with --with-mysql.<br> <br> Will Metcalf wrote:<br> > What exactly did you download?<br> ><br> > Regards, <br> ><br> > Will<br> ><br> ><br> > On 7/27/07, *Atkins, Dwane P* <<a = href=3D"mailto:ATKINSD@uthscsa.edu">ATKINSD@uthscs a.edu</a><br> > <mailto:<a = href=3D"mailto:ATKINSD@uthscsa.edu">ATKINSD@uthscs a.edu</a>>> wrote: <br> ><br> > Jul 27 11:29:52 Wilbur snort[3024]: FATAL = ERROR: If this build of<br> > snort was obtained as a binary distribution = (e.g., rpm, or<br> Windows),<br> > then check for alternate builds that = contains the necessary <br> 'mysql'<br> > support. If this build of snort = was compiled by you, then re-run<br> > the ./configure script using the = '--with-mysql' switch. For<br> > non-standard installations of a database, = the '--with-mysql=3DDIR' <br> > syntax may need to be used to specify the = base directory of the DB<br> > install. See the database = documentation for cursory details<br> > (doc/README.database). and the URL to the = most recent database <br> > plugin documentation.<br> ><br> ><br> ><br> > I recently installed the latest snortsam = patches and I have a<br> > feeling that the new patch installs snort. I am trying to find<br> out<br> > how to get around this. Maybe = someone can help. <br> ><br> ><br> ><br> > Dwane<br> ><br> ><br> ><br> ><br> ><br> ><br> ><br> ------------------------------------------------------------------------<= br> -<br> > This SF.net email is sponsored by: Splunk = Inc. <br> > Still grepping through log files to find problems? Stop.<br> > Now Search log events and configuration = files using <st1:City w:st=3D"on"><st1:place = w:st=3D"on">AJAX</st1:place></st1:City> and a<br> browser.<br> > Download your FREE copy of Splunk now >> <a = href=3D"http://get.splunk.com/">http://get.splunk.com/</a><br> > = _______________________________________________<br > > Snort-users mailing list<br> > <a = href=3D"mailto:Snort-users@lists.sourceforge.net">Snort-users@lists.sourc= eforge.net</a> <br> > <mailto:<a href=3D"mailto:Snort-users@lists.sourceforge.net">Snort-users@lists.sourc= eforge.net</a>><br> > Go to this URL to change user options or unsubscribe:<br> > <a href=3D"https://lists.sourceforge.net/lists/listinfo/snort-users">https:/= /lists.sourceforge.net/lists/listinfo/snort-users</a><br> > Snort-users<br> ><br> <<a href=3D"https://lists.sourceforge.net/lists/listinfo/snort-usersSnort-use= rs">https://lists.sourceforge.net/lists/...ersSnort-users </a>><br> > list archive:<br> > <a href=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users">http:= //www.geocrawler.com/redir-sf.php3?list=3Dsnort-users</a><br> > <<a href=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users"> http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users</a>><br> ><br> ><br> ><br> ><br> ------------------------------------------------------------------------<= br> ><br> ><br> ------------------------------------------------------------------------ = <br> -<br> > This SF.net email is sponsored by: Splunk Inc.<br> > Still grepping through log files to find = problems? Stop.<br> > Now Search log events and configuration files using <st1:City = w:st=3D"on"><st1:place w:st=3D"on">AJAX</st1:place></st1:City> and a<br> browser.<br> > Download your FREE copy of Splunk now >> <a href=3D"http://get.splunk.com/">http://get.splunk.com/</a><br> ><br> ><br> ><br> ------------------------------------------------------------------------<= br> ><br> > _______________________________________________ <br> > Snort-users mailing list<br> > <a = href=3D"mailto:Snort-users@lists.sourceforge.net">Snort-users@lists.sourc= eforge.net</a><br> > Go to this URL to change user options or unsubscribe:<br> > <a = href=3D"https://lists.sourceforge.net/lists/listinfo/snort-users">https:/= /lists.sourceforge.net/lists/listinfo/snort-users</a><br> > Snort-users list archive:<br> > <a = href=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users">http:= //www.geocrawler.com/redir-sf.php3?list=3Dsnort-users </a><br> <br> --<br> --------------------------------------------<br> Matthew Jonkman<br> Bleeding Edge Threats<br> US Phone 765-429-0398<br> US Fax 312-264-0205<br> AUS Phone 61-42-4157-491<br> AUS Fax 61-29-4750-026<br> <a = href=3D"http://www.bleedingthreats.net">http://www.bleedingthreats.net</a= ><br> --------------------------------------------<br> <br> PGP: <a = href=3D"http://www.bleedingthreats.com/mattjonkman.asc">http://www.bleedi= ngthreats.com/mattjonkman.asc</a><o:p></o:p></span></font></p> </div> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'><o:p> </o:p></span></font></p> </div> </body> </html> ------_=_NextPart_001_01C7D0A8.92BE6995-- --===============0938176150== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ --===============0938176150== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users --===============0938176150==-- 
|
Linear Mode
