论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2008-12-10 11:07 |只看该作者 |倒序浏览

10可用积分

大家好！我是个新手！我前两天在red hat linux9上安装了httpd-2.2.10+mysql-5.0.22+php-5.2.6所有调试成功，但是接下来我再安装和组建snort的时候输入以下代码：# tar zxvf snort-2.3.3.tar.gz
# tar zxvf snort-2.0.0.tar.gz
# cd snort-2.3.3
# ./configure --with-mysql=/usr/local/mysql
# make
# make install
# cd rules
# mkdir /etc/snort
# mkdir /var/log/snort
# cp * /etc/snort
# cd ../etc
# cp snort.conf /etc/snort
# cp *.config /etc/snort
# cd
# vi /etc/snort/snort.conf

# 把“# var HOME_NET 10.1.1.0/24”改成“var HOME_NET 192.168.0.0/24”你自己LAN内的地址，把前面的#号去掉。

# 把“var RULE_PATH ../rules”改成“var RULE_PATH /etc/snort”

# 把“# output database: log, mysql, user=root password=test dbname=db host=localhost”改成“output database: log, mysql, user=root password=123456 dbname=snort host=localhost”密码改成你自己的，把前面的#号去掉。

# 把“
# include $RULE_PATH/web-attacks.rules
# include $RULE_PATH/backdoor.rules
# include $RULE_PATH/shellcode.rules
# include $RULE_PATH/policy.rules
# include $RULE_PATH/porn.rules
# include $RULE_PATH/info.rules
# include $RULE_PATH/icmp-info.rules
include $RULE_PATH/virus.rules
# include $RULE_PATH/chat.rules
# include $RULE_PATH/multimedia.rules
# include $RULE_PATH/p2p.rules”前面的#号删除。

# 修改完毕后，保存退出。

三、建立snort数据库
# /usr/local/mysql/bin/mysql -uroot -p123456
# create database snort;
# grant INSERT,SELECT on root.* to snort@localhost;
# exit
# 这时我们进入snort2.0的contrib的目录
# cd /usr/local/src/snort-2.0.0/contrib/
# /usr/local/mysql/bin/mysql -uroot -p123456 < create_mysql snort
就是执行到最后的这个命令# /usr/local/mysql/bin/mysql -uroot -p123456 < create_mysql snort 的时候系统提示我：ERROR 1064 (42000) at line 23: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'schema ( vseq       INT    UNSIGNED NOT NULL,
                  ctime ' at line 1
这是怎么回事啊？？怎么解决？谢谢大家！！我是个新手！是不是MYSQL的版本不合适啊？请高手解答！！谢谢！