atiustira (Author), Posted April 28, 2015 (edited)

Well, I learned quite a bit about the Snort Network Intrusion Detection System along the way. The old "tweak it till it breaks, then fix it" way of learning gives one much experience.

What I finally found out was this. The default password for barnyard2 is something like snortdb. While I thought, hmm, not a very secure password. So I added a special keyboard char of " - " and that one little dash mark turned out to be the thing that caused it to not work! And it didn't throw any errors to syslog output. I wound up using a longer, very secure password with more special keyboard chars, and it threw an error with the code line number. That's how I found it.

So if the offer is still open: I finally debugged that, but I still can't seem to get any info in the Basic Analysis and Security Engine (BASE) front end, and I am not sure how to check the MySQL database to be sure that the data is getting transferred there. Any suggestions please?

Edited April 28, 2015 by atiustira

securitybreach, Posted April 28, 2015

The mysqlcheck client performs table maintenance: It checks, repairs, optimizes, or analyzes tables.

atiustira (Author), Posted April 28, 2015 (edited)

Thank you securitybreach

    root@zina-desktop:/home/zina# mysqlcheck -A -p
    Enter password:
    archive.acid_ag                                    OK
    archive.acid_ag_alert                              OK
    archive.acid_event                                 OK
    archive.acid_ip_cache                              OK
    archive.base_roles                                 OK
    archive.base_users                                 OK
    archive.data                                       OK
    archive.detail                                     OK
    archive.encoding                                   OK

They all check out OK like this. Might be that I am not firing an alert.

Found a way to check MySQL database content.

    mysql> SHOW DATABASES;
    +--------------------+
    | Database           |
    +--------------------+
    | information_schema |
    | archive            |
    | customer           |
    | myapp_development  |
    | myapp_test         |
    | mysql              |
    | performance_schema |
    | phpmyadmin         |
    | snort              |
    +--------------------+
    9 rows in set (0.00 sec)

    mysql> show tables;
    +------------------+
    | Tables_in_snort  |
    +------------------+
    | acid_ag          |
    | acid_ag_alert    |
    | acid_event       |
    | acid_ip_cache    |
    | base_roles       |
    | base_users       |
    | data             |
    | detail           |
    | encoding         |
    | event            |
    | icmphdr          |
    | iphdr            |
    | opt              |
    | reference        |
    | reference_system |
    | schema           |
    | sensor           |
    | sig_class        |
    | sig_reference    |
    | signature        |
    | tcphdr           |
    | udphdr           |
    +------------------+
    22 rows in set (0.00 sec)

    mysql> DESCRIBE acid_ag_alert;
    +--------+------------------+------+-----+---------+-------+
    | Field  | Type             | Null | Key | Default | Extra |
    +--------+------------------+------+-----+---------+-------+
    | ag_id  | int(10) unsigned | NO   | PRI | NULL    |       |
    | ag_sid | int(10) unsigned | NO   | PRI | NULL    |       |
    | ag_cid | int(10) unsigned | NO   | PRI | NULL    |       |
    +--------+------------------+------+-----+---------+-------+
    3 rows in set (0.00 sec)

    mysql> SELECT * FROM acid_ag_alert;
    Empty set (0.00 sec)

Edited April 28, 2015 by atiustira
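
One way to check whether alert data is reaching MySQL, as asked in the thread; this is an added example, not part of the original posts. The table names come from the `show tables` output above; the column names (last_cid, timestamp, sig_name, ip_src, ip_dst and the join keys) are assumptions based on the stock Snort MySQL schema, so confirm them with DESCRIBE first.

```sql
-- Added example: is barnyard2 inserting alerts into the snort database?
-- Column names assume the stock Snort MySQL schema; verify with DESCRIBE <table>.
USE snort;

-- 1. Has a sensor registered, and how far has its event counter advanced?
--    No rows here means the output plugin never completed its first connection.
SELECT sid, hostname, interface, last_cid
FROM sensor;

-- 2. Row counts and newest timestamp for the table the output plugin writes
--    (event) and the table the BASE front end reads from (acid_event).
SELECT 'event' AS tbl, COUNT(*) AS row_count, MAX(timestamp) AS newest
FROM event
UNION ALL
SELECT 'acid_event', COUNT(*), MAX(timestamp)
FROM acid_event;

-- 3. The ten most recent alerts with rule name and addresses.
--    LEFT JOIN keeps alerts that have no IP header row.
SELECT e.sid, e.cid, e.timestamp, s.sig_name,
       INET_NTOA(i.ip_src) AS src,
       INET_NTOA(i.ip_dst) AS dst
FROM event AS e
JOIN signature AS s ON s.sig_id = e.signature
LEFT JOIN iphdr AS i ON i.sid = e.sid AND i.cid = e.cid
ORDER BY e.timestamp DESC
LIMIT 10;
```

An empty event table points at the Snort or barnyard2 side (no alert fired, or nothing written); rows in event but none in acid_event point at the BASE side.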