# Mind Candy

Tuesday, April 18, 2006

Riffraff and Magenta won't talk to one another

Reinstalled the Sguil client this morning on Magenta. Both boxes were up and running when I attempted to test communication between the two.

I'm getting "invalid USERNAME or PASSWORD" when I try putting Riffraff's address in the Sguild Host field and 7734 in the Sguild Port field. I'm entering the sguil user's correct username and correct password for Riffraff.

After thinking about it for a while, I remembered that the old, old instructions Richard Bejtlich had placed out on the internet for our benefit mentioned that we had to add other accounts to the database if we had more than one system. ("You must also set permissions for the sensor and sguild server to connect to the database.") So I tried to add everything I could think of...

```sh
/usr/local/bin/mysql --password=r00tpass -e "GRANT ALL on sguildb.* to sguil@localhost"
/usr/local/bin/mysql --password=r00tpass -e "GRANT ALL on sguildb.* to sguil@magenta"
/usr/local/bin/mysql --password=r00tpass -e "GRANT ALL on sguildb.* to sguil@magenta.company.com"
/usr/local/bin/mysql --password=r00tpass -e "GRANT FILE on *.* to sguil@localhost"
/usr/local/bin/mysql --password=r00tpass -e "GRANT FILE on *.* to sguil@magenta"
/usr/local/bin/mysql --password=r00tpass -e "GRANT FILE on *.* to sguil@magenta.company.com"
/usr/local/bin/mysql --password=r00tpass -e "SET password for sguil@localhost=password('somepass')"
/usr/local/bin/mysql --password=r00tpass -e "SET password for sguil@magenta=password('somepass')"
/usr/local/bin/mysql --password=r00tpass -e "SET password for sguil@magenta.company.com=password('somepass')"
```


MySQLd was stopped and restarted. I tried to log in again to view Riffraff's Sguil data from Magenta's Sguil client interface.

"invalid USERNAME and/or PASSWORD"

Still trying to figure this one out on my own, but I'm not sure I understand enough about MySQL and the way Sguil communicates between components/systems to figure it out totally on my own. If I can't figure it out by tomorrow at 1:00 p.m., I might just ask the nice folks at #snort-gui if they can provide a hint as to what the problem might be.
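
One way to confirm that the per-host grants and passwords above actually landed, as an added example that is not part of the original post: a shell function that audits `SHOW GRANTS` output for each `sguil@host` account. The sample output is constructed and assumes the MySQL 4.x/5.0 `SHOW GRANTS` format; `sample_grants` and `audit_grants` are hypothetical names.

```sh
#!/bin/sh
# Constructed sample shaped like `mysql -N -e "SHOW GRANTS FOR sguil@<host>"`
# output on MySQL 4.x/5.0 (assumed format); <hash> stands in for a stored hash.
sample_grants() {
cat <<'EOF'
GRANT FILE ON *.* TO 'sguil'@'localhost' IDENTIFIED BY PASSWORD '<hash>'
GRANT ALL PRIVILEGES ON `sguildb`.* TO 'sguil'@'localhost'
GRANT FILE ON *.* TO 'sguil'@'magenta' IDENTIFIED BY PASSWORD '<hash>'
GRANT ALL PRIVILEGES ON `sguildb`.* TO 'sguil'@'magenta'
GRANT USAGE ON *.* TO 'sguil'@'magenta.company.com'
GRANT ALL PRIVILEGES ON `sguildb`.* TO 'sguil'@'magenta.company.com'
EOF
}

# audit_grants USER DB HOST... : reads SHOW GRANTS lines on stdin, prints one
# status line per host, and returns non-zero if any host is incomplete.
audit_grants() {
    user=$1; db=$2; shift 2
    awk -v user="$user" -v db="$db" -v hosts="$*" -v q="'" '
    BEGIN { n = split(hosts, h, " ") }
    /^GRANT / && match($0, / ON /) {
        privs = substr($0, 7, RSTART - 7)      # text between GRANT and ON
        rest  = substr($0, RSTART + 4)         # "<object> TO <account> ..."
        obj   = substr(rest, 1, index(rest, " TO ") - 1)
        for (i = 1; i <= n; i++) {
            if (!index(rest, " TO " q user q "@" q h[i] q)) continue
            if (obj == "*.*") {
                if (privs == "ALL PRIVILEGES" || privs ~ /(^|, )FILE(,|$)/) file[h[i]] = 1
                # No IDENTIFIED BY clause means the account has an empty password.
                if (index(rest, "IDENTIFIED BY PASSWORD")) pw[h[i]] = 1
            } else if (obj == "`" db "`.*" && privs == "ALL PRIVILEGES") dbok[h[i]] = 1
        }
    }
    END {
        for (i = 1; i <= n; i++) {
            k = h[i]; ok = (k in dbok) && (k in file) && (k in pw)
            printf("%s db=%s file=%s password=%s\n", k, (k in dbok) ? "ok" : "MISSING",
                   (k in file) ? "ok" : "MISSING", (k in pw) ? "set" : "EMPTY")
            if (!ok) bad = 1
        }
        exit bad + 0
    }'
}

sample_grants | audit_grants sguil sguildb localhost magenta magenta.company.com ||
    echo "at least one sguil account is incomplete" >&2
```

Against a live server, the same function can read the concatenated output of `SHOW GRANTS FOR` run once per account instead of the constructed sample.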
