snort and mysql

Katerina Bubenickova katerina.bubenickova at plbohnice.cz
Fri Jun 23 10:38:26 CEST 2006


>
> This seems somewhat tangled to me :)
>
> IMHO you need to:
> 1) Compile snort with mysql support on the Slack box; for that you will 
> have to install the mysql devel packages. A running mysql server is 
> hopefully not needed there.
Yes, I have that,
> 2) Have the mysql server running on the SUSE box and have access to mysql 
> allowed (port on the firewall + 
That too, hopefully
> having mysql listen on the external interface).
I have not set this up in any way.
>
> If you have this, snort should hopefully communicate (or at least try to, 
> and log any failure) with mysql on the SUSE box over the network (port 
> 3306 by default, I think). 
 > nmap localhost
3306/tcp open  mysql

So it probably works
> That remark about mysql.sock seems confusing to me.
According to what you wrote, it is irrelevant.
>
> Which of the steps fails for you?
>
Log output
- snort: database: mysql_error: You have an error in your SQL syntax; 
check the manual that corresponds to your MySQL server version for the 
right syntax to use near 'schema' at line 1
- snort: FATAL ERROR: database: The underlying database has not been 
initialized correctly.  This           version of Snort requires version 
106 of the DB schema.  Your DB doesn't appear to have any records in the 
'schema' table.           Please re-run the appropriate DB creation 
script (e.g. create_mysql, create_postgresql, create_oracle, 
create_mssql) located in the   contrib\ directory. See the database 
documentation for cursory details (doc/README.database).   and the URL 
to the most recent database plugin documentation.

I ran the create_mysql script; the schema table contains one row, 
holding 106 and the date the script was run.

--Katerina Bubenickova

