samsamwun
December 7th, 2004, 08:15
Hi,
When starting Barnyard with snort/sguil, it failed connect to MySQL 4.0.22.
Snort version is 2.2.0, Sguil version is 0.5.2.
The following is typical error:
# barnyard -c barnyard.conf -d /nsm -g gen-msg.map -s sid-msg.map -f snort.log -w -waldo.file &
[2] 1509
root@at [7:56pm] [...etc/snort]# Barnyard Version 0.2.0 (Build 32)
Opened spool file '/nsm/snort.log.1102256375'
OpSguil_Start
Connect from 192.168.4.254:57173 sock12
Validating sensor access: 192.168.4.254 : ALLOWED
Sensor Data Rcvd: RTEvent |||system-info|at||Barnyard started.||||||||
SYSTEM INFO: {} {} system-info at {} {Barnyard started.} {} {} {} {} {} {} {} {}
Sending sock11: InsertSystemInfoMsg at Barnyard started.
Failed to connect to database sguil:mypassword@at/sguildb: Host 'mydom.com' is not allowed to connect to this MySQL server
Fatal Error, Quitting..
Exiting
Sensor Data Rcvd:
Sensor Cmd Unkown (sock12):
Socket sock12 closed
I don't know why I my domain name "mydom.com" is used to connect to the MySQL server. There may be some configuration error somewhere in thd dust.
What might be a possible way to fix this error?
Your suggestion is highly appreciated.
Thanks
Sam
When starting Barnyard with snort/sguil, it failed connect to MySQL 4.0.22.
Snort version is 2.2.0, Sguil version is 0.5.2.
The following is typical error:
# barnyard -c barnyard.conf -d /nsm -g gen-msg.map -s sid-msg.map -f snort.log -w -waldo.file &
[2] 1509
root@at [7:56pm] [...etc/snort]# Barnyard Version 0.2.0 (Build 32)
Opened spool file '/nsm/snort.log.1102256375'
OpSguil_Start
Connect from 192.168.4.254:57173 sock12
Validating sensor access: 192.168.4.254 : ALLOWED
Sensor Data Rcvd: RTEvent |||system-info|at||Barnyard started.||||||||
SYSTEM INFO: {} {} system-info at {} {Barnyard started.} {} {} {} {} {} {} {} {}
Sending sock11: InsertSystemInfoMsg at Barnyard started.
Failed to connect to database sguil:mypassword@at/sguildb: Host 'mydom.com' is not allowed to connect to this MySQL server
Fatal Error, Quitting..
Exiting
Sensor Data Rcvd:
Sensor Cmd Unkown (sock12):
Socket sock12 closed
I don't know why I my domain name "mydom.com" is used to connect to the MySQL server. There may be some configuration error somewhere in thd dust.
What might be a possible way to fix this error?
Your suggestion is highly appreciated.
Thanks
Sam