-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All
Estou tendo problemas com o trio snort, acid e mysql. Fiz o a instalação e configuração do snort, acid e mysql seguindo o roteiro[1], mas infelizmente no acid não esta aparecendo nada. Não tive nenhum problema durante a instalação do snort e do acid, mas aparentemente o snort não esta logando nada. Alguém por acaso teria alguma idéia do que eu fiz de errado ? Obrigado. 1-roteiro # Dados Técnicos # ################## gateway = servidor MySQ = localhost = netrino # Instalacao # $ aptitude install snort-common snort-mysql snort-rules-default mysql-client mysql-server acidlab -y # Criacao da base de dados # # mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 to server version: 3.23.36-log Type 'help;' or '\h' for help. Type '\c' to clear the buffer mysql> create database snort; Query OK, 1 row affected (0.01 sec) mysql> grant insert, select on snort.* to [EMAIL PROTECTED] identified by 'senha123'; Query OK, 0 rows affected (0.02 sec) mysql> grant insert, select, delete, update, create on snort.* to [EMAIL PROTECTED] identified by 'acid_senha'; Query OK, 0 rows affected (0.01 sec) mysql> quit; # cp /usr/share/doc/snort-mysql/create_mysql.gz /tmp # gunzip /tmp/create_mysql.gz # mysql -u root -p snort < /tmp/create_mysql $ vi /etc/snort/reference.config output database: log, mysql, dbname=snort user=snort host=localhost password=snort_user_password # Criando o usuario acid $ mysql -u root -p mysql> grant insert,select,delete,update,create on snort.* to [EMAIL PROTECTED] identified by 'acid_user_password'; mysql> quit; $ vi /etc/mysql/my.cnf # Comentar a linha abaixo #skip-networking $ vi /usr/share/acidlab/acid_conf.php $alert_dbname = "snort"; $alert_host = "stargate"; $alert_port = ""; $alert_user = "snort"; $alert_password = "snort_user_password"; /* Archive DB connection parameters */ $archive_dbname = "snort"; $archive_host = "stargate"; $archive_port = ""; $archive_user = "snort"; $archive_password = "snort_user_password"; ln -sf /usr/share/acidlab/ /var/www/acidlab - -- .''`. Caio Abreu Ferreira : :' : GNU/Linux Debian `. `'` fingerprint 0B5 0357 B80C E53C 5EF6 9D58 2D1B 0602 45E5 183A `- Key ID 0x45E5183A Linux Couter 327834 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD3L6oLRsGAkXlGDoRAsRwAJ482QwmFtRlVzC5gpTWzdgUqtj49wCgk3Lq 8d1by60x3uoRTLPVsUzlN4k= =GB9f -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]