http://forum.lowyat.net/ Sun, 07 Jun 2026 07:49:57 +0800 FeedCreator 1.7.2 http://forum.lowyat.net/topic/295102 I have a huge amount of &#39;mysql-bin.000002&#39; to &#39;mysql-bin.NNN&#39; style logs in my mysql directory. <br /><br />My question is:<br />1. Is it possible to run mysql without it log to the binary file?(from my.cnf it says &quot; binary logging is required for replication&quot;<br />2. How to turn off this binary logging? (i already try this method but still useless: ./mysqlbinlog --disable-log-bin /usr/local/mysql/var/mysql-bin.000001)<br /><br />Thanks. kitaserupa2000 Linux &amp; Open Source Software Tue, 30 May 2006 20:55:04 +0800 http://forum.lowyat.net/topic/290146 Hello All..<br /><br />Firstly i hope that i post in the right section. <br /><br />Currently one of my responsibilities is doing some firewall analysis for my company. Since i was new in this related field, i can&#39;t examine it in the right way. Now i refer to <a href='http://www.honeynet.org/scans/scan30/sol/index.html' target='_blank'><span style='color:red'>this</a> </span>site and also <a href='http://www.dshield.com/' target='_blank'><span style='color:red'>this</a></span> site for my analysis. If u guys knows other website, maybe a good one for me to refer, please do share it with me. Thanks. kitaserupa2000 Networks and Broadband Thu, 18 May 2006 20:36:03 +0800 http://forum.lowyat.net/topic/286324 Hello..<br />i have difficulties trying to connect my snort sensor to mysql server through stunnel (i want to make my snort sensor log all the events to remote database using stunnel). <br /><br />Here is the error:<!--QuoteBegin--><div class='quotetop'>QUOTE</div><div class='quotemain'><!--QuoteEBegin-->ERROR: database: mysql_error: Can&#39;t connect to local MySQL server through socket &#39;/tmp/mysql.sock&#39; (2)<br />Fatal Error, Quitting..<!--QuoteEnd--></div><!--QuoteEEnd--><br />Here is some portion of my stunnel.conf<!--QuoteBegin--><div class='quotetop'>QUOTE</div><div class='quotemain'><!--QuoteEBegin-->[mysqls]<br />accept&nbsp; = 127.0.0.1:3306<br />connect = 190.254.110.39:3307<!--QuoteEnd--></div><!--QuoteEEnd--><br />Note that 190.254.110.39 is mysql database and stunnel can start successfully.<br /><br />Here is some portion of snort.conf database config<!--QuoteBegin--><div class='quotetop'>QUOTE</div><div class='quotemain'><!--QuoteEBegin-->output database: log, mysql, user=snort password=snort dbname=snort host=localhost<!--QuoteEnd--></div><!--QuoteEEnd--><br />Here is the output from netstat -na | grep tcp<!--QuoteBegin--><div class='quotetop'>QUOTE</div><div class='quotemain'><!--QuoteEBegin-->[root@tdc2 stunnel]# netstat -na | grep tcp<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 0.0.0.0:1025&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 0.0.0.0:5666&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 0.0.0.0:3306&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 0.0.0.0:111&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 127.0.0.1:631&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 127.0.0.1:5335&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 127.0.0.1:25&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 0.0.0.0:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 :::22&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; :::*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN<br />tcp&nbsp; &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; 52 ::ffff:snort-sensor-IP:22&nbsp; &nbsp; ::ffff:mypcIP:1720 ESTABLISHED<!--QuoteEnd--></div><!--QuoteEEnd--><br />Questions:<br />1. How to make snort, log the events to remote mysql database?<br />2. Is it possible to route using port 80 if let say i want to put my sensor remotely and only port 80 traffic can pass through the firewall? kitaserupa2000 Linux &amp; Open Source Software Tue, 09 May 2006 21:30:28 +0800