Your message dated Mon, 5 Oct 2009 14:36:04 +0100
with message-id <[email protected]>
and subject line Removed
has caused the Debian Bug report #164511,
regarding acidlab: No mysql support for PHP
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
164511: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=164511
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: acidlab
Version: 0.9.6b20-2
Severity: important
>From http://localhost/acidlab/acid_main.php....
the prerequisite MySQL support required to read the alert database was not
built into PHP. Please recompile PHP with the necessary library (--with-mysql)
... So while preparing this report I did....
sudo apt-get install php4-mysql
Did not fix it, still the same error.
Restarted apache (duh!) and..
Warning: Can't connect to local MySQL server through socket
'/var/run/mysqld/mysqld.sock' (2) in /usr/lib/adodb/adodb-mysql.inc.php on line
113
Error (p)connecting to DB : snort_...@localhost
Check the DB connection variables in acid_conf.php
= $alert_dbname : MySQL database name where the alerts are
stored
= $alert_host : host where the database is
stored
= $alert_port : port where the
database is stored
= $alert_user :
username into the database
=
$alert_password : password for the username
So apt-get install mysql-server
(This will be a bug report against php4-mysql!)
Still no go. I think I neet to einstall acidlab at this point.
So I did an apt-get remove/install acidlab and still have the same problem.
Sigh!
cheers
Worik
-- System Information
Debian Release: 3.0
Kernel Version: Linux stolberg 2.4.19 #1 SMP Fri Oct 11 19:56:16 NZDT 2002 i686
unknown
Versions of the packages acidlab depends on:
ii apache 1.3.26-0woody1 Versatile, high-performance HTTP server
ii debconf 1.0.32 Debian configuration management system
ii libphp-adodb 1.51-1 The 'adodb' database abstraction layer for p
ii libphp-phplot 4.4.6-2 The graphic library for php.
ii php4 4.1.2-5 A server-side, HTML-embedded scripting langu
ii php4-gd 4.1.2-5 GD module for php4
ii wwwconfig-comm 0.0.19 Debian web auto configuration.
php3 Not installed or no info
php4-cgi Not installed or no info
php3-cgi Not installed or no info
php4-cgi-gd Not installed or no info
php3-gd Not installed or no info
php3-cgi-gd Not installed or no info
ii apache-ssl 1.3.26.1+1.48- Versatile, high-performance HTTP server with
^^^ (Provides virtual package httpd)
--- Begin /etc/acidlab/acid_conf.php (modified conffile)
<?php
$ACID_VERSION = "0.9.6b20";
/* Path to the DB abstraction library
* (Note: DO NOT include a trailing backslash after the directory)
* e.g. $foo = "/tmp" [OK]
* $foo = "/tmp/" [OK]
* $foo = "c:\tmp" [OK]
* $foo = "c:\tmp\" [WRONG]
*/
$DBlib_path = "/usr/lib/adodb";
/* The type of underlying alert database
*
* MySQL : "mysql"
* PostgresSQL : "postgres"
* MS SQL Server : "mssql"
*/
$DBtype = "mysql";
/* Alert DB connection parameters
* - $alert_dbname : MySQL database name of Snort alert DB
* - $alert_host : host on which the DB is stored
* - $alert_port : port on which to access the DB
* - $alert_user : login to the database with this user
* - $alert_password : password of the DB user
*
* This information can be gleaned from the Snort database
* output plugin configuration.
*/
$alert_dbname = "snort_log";
$alert_host = "localhost";
$alert_port = "";
$alert_user = "root";
$alert_password = "mypassword";
/* Archive DB connection parameters */
$archive_dbname = "snort_archive";
$archive_host = "localhost";
$archive_port = "";
$archive_user = "root";
$archive_password = "mypassword";
/* Type of DB connection to use
* 1 : use a persistant connection (pconnect)
* 2 : use a normal connection (connect)
*/
$db_connect_method = 1;
/* Path to the graphing library
* (Note: DO NOT include a trailing backslash after the directory)
*/
$ChartLib_path = "/usr/lib/phplot";
/* File format of charts ('png', 'jpeg', 'gif') */
$chart_file_format = "png";
/* Chart default colors - (red, green, blue)
* - $chart_bg_color_default : background color of chart
* - $chart_lgrid_color_default : gridline color of chart
* - $chart_bar_color_default : bar/line color of chart
*/
$chart_bg_color_default = array(255,255,255);
$chart_lgrid_color_default = array(205,205,205);
$chart_bar_color_default = array(190, 5, 5);
/* Maximum number of rows per criteria element */
$MAX_ROWS = 10;
/* Number of rows to display for any query results */
$show_rows = 50;
/* Number of items to return during a snapshot
* Last _X_ # of alerts/unique alerts/ports/IP
*/
$last_num_alerts = 15;
$last_num_ualerts = 15;
$last_num_uports = 15;
$last_num_uaddr = 15;
/* Number of items to return during a snapshot
* Most Frequent unique alerts/IPs/ports
*/
$freq_num_alerts = 5;
$freq_num_uaddr = 15;
$freq_num_uports = 15;
/* Number of scroll buttons to use when displaying query results */
$max_scroll_buttons = 12;
/* Debug mode - how much debugging information should be shown
* Timing mode - display timing information
* SQL trace mode - log SQL statements
* 0 : no extra information
* 1 : debugging information
* 2 : extended debugging information
*
* HTML no cache - whether a no-cache directive should be sent
* to the browser (should be = 1 for IE)
*
* SQL trace file - file to log SQL traces
*/
$debug_mode = 0;
$debug_time_mode = 1;
$html_no_cache = 1;
$sql_trace_mode = 0;
$sql_trace_file = "";
/* Auto-Screen refresh
* - Refresh_Stat_Page - Should certain statistics pages refresh?
* - Stat_Page_Refresh_Time - refresh interval (in seconds)
*/
$refresh_stat_page = 1;
$stat_page_refresh_time = 180;
/* Display First/Previous/Last timestamps for alerts or
* just First/Last on the Unique Alert listing.
* 1: yes
* 0: no
*/
$show_previous_alert = 0;
/* Sets maximum execution time (in seconds) of any particular page.
* Note: this overrides the PHP configuration file variable
* max_execution_time. Thus script can run for a total of
* ($max_script_runtime + max_execution_time) seconds
*/
$max_script_runtime = 180;
/* How should the IP address criteria be entered in the Search screen?
* 1 : each octet is a separate field
* 2 : entire address is as a single field
*/
$ip_address_input = 2;
/* Should a combo box with possible signatures be displayed on the
* search form. (Requires Javascript)
* 0 : disabled
* 1 : show only non pre-processor signatures (e.g., ignore portscans)
* 2 : show all signatures
*/
$use_sig_list = 0;
/* Resolve IP to FQDN (on certain queries?)
* 1 : yes
* 0 : no
*/
$resolve_IP = 1;
/* Should summary stats be calculated on every Query Results page
* (Enabling this option will slow page loading time)
*/
$show_summary_stats = 0;
/* DNS cache lifetime (in minutes) */
$dns_cache_lifetime = 20160;
/* Whois information cache lifetime (in minutes) */
$whois_cache_lifetime = 40320;
/* Snort spp_portscan log file */
$portscan_file = "";
/* Event cache Auto-update
*
* Should the event cache be verified and updated on every
* page log? Otherwise, the cache will have to be explicitly
* updated from the 'cache and status' page.
*
* Note: enabling this option could substantially slow down
* the page loading time when there are many uncached alerts.
* However, this is only a one-time penalty.
*
* 1 : yes
* 0 : no
*/
$event_cache_auto_update = 1;
/* Maintain a history of the visited pages so that the "Back"
* button can be used.
*
* Note: Enabling this option will cause the PHP-session to
* grow substantially after many pages have been viewed causing
* a slow down in page loading time. Periodically return to the
* main page to clear the history.
*
* 1 : yes
* 0 : no
*/
$maintain_history = 1;
/* Level of detail to display on the main page.
*
* Note: The presence of summary statistics will slow page loading time
*
* 1 : show both the links and summary statistics
* 0 : show only the links and a count of the number of alerts
*/
$main_page_detail = 1;
/* Link to external Whois query */
$external_whois_link = "http://www.samspade.org/t/ipwhois?a=";;
//$external_whois_link =
"http://www.geektools.com/cgi-bin/proxy.cgi?targetnic=auto&query=";
/* Link to external DNS query */
$external_dns_link = "http://www.samspade.org/t/dns?a=";;
/* Link to external SamSpade "all" query */
$external_all_link = "http://www.samspade.org/t/lookat?a=";;
/* Link to external Port database */
$external_port_link = "http://www.portsdb.org/bin/portsdb.cgi?portnumber=";;
//$external_port_link = "http://www.snort.org/ports.html?port=";
/* Email Alert action
*
* - action_email_from : email address to use in the FROM field of the mail
message
* - action_email_subject : subject to use for the mail message
* - action_email_msg : additional text to include in the body of the mail
message
* - action_email_mode : specifies how the alert information should be enclosed
* 0 : alerts should be in the body of the message
* 1 : alerts should be enclosed in an attachment
*/
$action_email_from = "ACID Alert <acid>";
$action_email_subject = "ACID Incident Report";
$action_email_msg = "";
$action_email_mode = 0;
?>
--- End /etc/acidlab/acid_conf.php
--- End Message ---
--- Begin Message ---
Version: 0.9.6b20-15+rm
acidlab has been removed because it has been "superseded by acidbase".
--
Martin Michlmayr
http://www.cyrius.com/
--- End Message ---
