Access denied for user: '@192.168.0.1' -SNORT-

mike Hughes mikehughes013
Mon May 17 11:44:13 PDT 2004


whaaats up guys...

I have worked at this for a while now but can't figure it out... I have been 
trying to get snort working using this as my reference but am stuck on the 
second to last step. HELP!
Here is my reference:
http://www.sans.org/rr/intrusion/practical_guide.php

OK here is what my IDS sensor file looks like:

SensorName :     Sensor1
IP Address of Sensor:  1xx.17x.13.64 <---my internet IP
policy name:   Sensor1
username : root

Here are my IDS policy settings:
Policy name : sensor 1
snort-1.9
policy location: c:\programfiles\activeworx\Sensor1\snort.conf
description policy for sensor 1


192.168.0.69 is the Windows machine (where I'm managing snort)
192.168.0.1 is my LAN interface eth1
eth0 is my internet interface

snort-mysql+flexresp -v -c /etc/snort/snort.conf

Initializing Output Plugins!
Log directory = /var/log/snort

Initializing Network Interface eth0   #<----- this is my INTERNET interface eth0, and eth1 is my LAN interface

--== Initializing Snort ==--
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file /etc/snort/snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
http_decode arguments:
Unicode decoding
IIS alternate Unicode decoding
IIS double encoding vuln
Flip backslash to slash
Include additional whitespace separators
Ports to decode http on: 80
rpc_decode arguments:
Ports to decode RPC on: 111 32771
Stream4 config:
Stateful inspection: ACTIVE
Session statistics: INACTIVE
Session timeout: 30 seconds
Session memory cap: 8388608 bytes
State alerts: INACTIVE
Evasion alerts: INACTIVE
Scan alerts: ACTIVE
Log Flushed Streams: INACTIVE
MinTTL: 1
TTL Limit: 5
Async Link: 0
No arguments to stream4_reassemble, setting defaults:
Reassemble client: ACTIVE
Reassemble server: INACTIVE
Reassemble ports: 21 23 25 53 80 143 110 111 513
Reassembly alerts: ACTIVE
Reassembly method: FAVOR_OLD
Conversation Config:
KeepStats: 0
Conv Count: 32000
Timeout : 60
Alert Odd?: 0
Allowed IP Protocols: All

Portscan2 config:
log: /var/log/snort/scan.log
scanners_max: 3200
targets_max: 5000
target_limit: 5
port_limit: 20
timeout: 60
No arguments to frag2 directive, setting defaults to:
Fragment timeout: 60 seconds
Fragment memory cap: 4194304 bytes
Fragment min_ttl: 0
Fragment ttl_limit: 5
Fragment Problems: 0
telnet_decode arguments:
Ports to decode telnet on: 21 23 25 119
ERROR spp_arpspoof /etc/snort/snort.conf(39) => Cannot initialize arpspoof_detect_host without arpspoof
database: compiled support for ( mysql )
database: configured to use mysql
database: database name = snort
database: user = sensor1
database: host = 192.168.0.69
database: port = 3306
database: sensor name = Sensor1
database: detail level = full
database: mysql_error: Access denied for user: '@192.168.0.1' to database 'snort'
Fatal Error, Quitting..

How can I debug this and try to figure out what setting is wrong???
I'm a newbie to MySQL, so I'm not too sure how to see those settings, but I 
followed the directions properly.
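
One way to inspect the MySQL side of this error, as an added example that is not part of the original post: statements to run as an administrative user on the MySQL server (192.168.0.69). The empty user name in '@192.168.0.1' typically means the server matched the connection to an anonymous account instead of sensor1. Assumptions: the SELECT, INSERT privilege set, the placeholder password, and a MySQL version that still accepts GRANT ... IDENTIFIED BY.

```sql
-- Added example; run in the mysql client on the database host as an admin user.

-- 1. Accounts whose Host pattern can match a login from the sensor.
--    MySQL tries the most specific Host first, so an anonymous row
--    (User = '') with a more specific Host can win over 'sensor1'@'%'.
SELECT User, Host
FROM mysql.user
WHERE '192.168.0.1' LIKE Host
ORDER BY Host, User;

-- 2. Database-level rights recorded for the snort database.
SELECT User, Host, Db, Select_priv, Insert_priv
FROM mysql.db
WHERE Db = 'snort';

-- 3. Effective grants for the account Snort is configured to use.
--    An error here means no account row with exactly this user and host exists.
SHOW GRANTS FOR 'sensor1'@'192.168.0.1';

-- 4. Give the sensor account only what it needs, from its own address only.
--    ASSUMPTIONS: SELECT and INSERT are sufficient for this Snort build;
--    'CHANGE_ME' is a placeholder password. On MySQL 8.0 and later, create
--    the account with CREATE USER first and drop the IDENTIFIED BY clause.
GRANT SELECT, INSERT ON snort.* TO 'sensor1'@'192.168.0.1'
  IDENTIFIED BY 'CHANGE_ME';
```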
