Hi, I have followed the steps mentioned in this http://www.howtoforge.com/intrusion-detection-with-snort-mysql-apache2-on-ubuntu-7.10 till 12. Time to test Snort and when i run the test i get this Initializing Network Interface eth1 Decoding Ethernet on interface eth1 database: compiled support for ( ) database: configured to use mysql database: 'mysql' support is not compiled into this build of snort ERROR: If this build of snort was obtained as a binary distribution (e.g., rpm, or Windows), then check for alternate builds that contains the necessary 'mysql' support. If this build of snort was compiled by you, then re-run the the ./configure script using the '--with-mysql' switch. For non-standard installations of a database, the '--with-mysql=DIR' syntax may need to be used to specify the base directory of the DB install. See the database documentation for cursory details (doc/README.database). and the URL to the most recent database plugin documentation. Fatal Error, Quitting.. i have compiled the latest version of snort available i.e v2.8.0.1 with the switches mentioned in the tutorial.i did nt miss any step or encounterd any errors till that step.how should i go about furthur....? Thank You, Frk
I have'nt got any errors with that.its only when i run to test snort i get it.do i need to use or mention any specific directory with the switch --with-mysql=DIR. I just followed the tutorial.
No, not if configure didn't report any errors... Do you have libmysqlclient15-dev and php5-mysql installed?