Comments on Installation & Configuration Of Intrusion Detection With Snort, ACIDBASE, MySQL, And Apache2 On Ubuntu 9.04 Using SPM

Installation & Configuration Of Intrusion Detection With Snort, ACIDBASE, MySQL, And Apache2 On Ubuntu 9.04 Using SPM This tutorial describes how to install and configure Snort intrusion detection system (IDS), ACIDBASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 9.04 using packages from Ubuntu’s Synaptic Package Manager. Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which ACIDBASE will use to display in a graphical interface in web browser.

7 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: Anonymous
Reply  

honestly, if you're too blind to see the r in that needs to be removed, what the hell are you doing installing and configuring snort in the first place?

By: Anonymous
Reply  

<user>r@localhost, what is this r used for?

By: Anonymous
Reply  

Please proof-read and correct your syntax in section 4.1. 

By:
Reply  

i think there is more to it than obvious syntax typos. thats ok, we all should review those thing. but the archive user isnt working more importantly in mysql. shrugs...

By: Christian Wilken
Reply  

 Shouldn't part 4.2 look like this (or is there in fact a DB called "root"?):
 
[...]
mysql> create database snort;
mysql> grant INSERT,SELECT on snort.* to root@localhost;
[...]
 
 instead of:
 [...]
mysql> create database snort;
mysql> grant INSERT,SELECT on snort.* to root@localhost;
[...]

By: Anonymous
Reply  

please i have a problem with data bases, look at this result :

database:          host = localhost
database:   sensor name = 192.168.201.136
database: mysql_error: Table 'db.sensor' doesn't exist
database: mysql_error: Table 'db.sensor' doesn't exist
SQL=INSERT INTO sensor (hostname, interface, detail, encoding, last_cid) VALUES ('192.168.201.136','eth0',1,0, 0)
database: mysql_error: Table 'db.sensor' doesn't exist
database: Problem obtaining SENSOR ID (sid) from db->sensor
ERROR:
 When this plugin starts, a SELECT query is run to find the sensor id for the
 currently running sensor. If the sensor id is not found, the plugin will run
 an INSERT query to insert the proper data and generate a new sensor id. Then a
 SELECT query is run to get the newly allocated sensor id. If that fails then
 this error message is generated.

 Some possible causes for this error are:
  * the user does not have proper INSERT or SELECT privileges
  * the sensor table does not exist

 If you are _absolutely_ certain that you have the proper privileges set and
 that your database structure is built properly please let me know if you
 continue to get this error. You can contact me at ([email protected]).

Fatal Error, Quitting..

By: ruata
Reply  

Copy & paste from the tutorial is a bad practice, so always type by yourself. I hope that will help you.