Date: Mon, 16 Jul 2001 16:00:02 -0700 From: faSty <fasty@i-sphere.com> To: Eric Sproul <esproul@ntelos.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: stunnel/mysql question Message-ID: <20010716160002.A80238@i-sphere.com> In-Reply-To: <3B53529F.A0DBDC48@ntelos.net>; from esproul@ntelos.net on Mon, Jul 16, 2001 at 04:46:23PM -0400 References: <3B53529F.A0DBDC48@ntelos.net>
next in thread | previous in thread | raw e-mail | index | archive | help
you need fix your hostname on MySQL under db table in mysql database.
I.E.
1. mysql mysql
2. insert into db values(Host,User,Db)
3. values("hostname","username","snortdb");
4. flush privileges;
very important you find correct hostname, you must find exactly hostname
when you are on tunneled and once you find correct hostname to replace
"hostname" in values's parameters. I assumed
values("127.0.0.1","snortdb","your snort db name here");
It should work for you and make sure you correct db name since you didnt
tell me full information on database name.
-trev
On Mon, Jul 16, 2001 at 04:46:23PM -0400, Eric Sproul wrote:
> Hi all,
> I'm trying out a setup that was described in the latest Sysadmin issue--
> setting up Snort to log to a MySQL db over an stunnel-encrypted
> connection. Anyone else tried this yet?
>
> I'm running the client on 4.3-STABLE, with mysql323-client from the port
> (3.23.39) and stunnel 3.14, also from the port. The server is my Redhat
> 7.1 workstation with mysql 3.23.36 from RPM and stunnel 3.14 from
> source. As far as I can tell, both the mysql server and stunnel are
> configured correctly. I followed all the setup guidelines and made sure
> I had the access rights correct.
>
> The client has stunnel listening to localhost:3306 and forwarding to
> <server>:3307. The server is listening to port 3307 and forwarding to
> its localhost:3306, where the mysql server is running. But when I try
> to connect from the client over the stunnel-ed connection, I get
>
> client$ mysql -h 127.0.0.1 -u snortdb -p snortdata
> Enter password:
> ERROR 1045: Access denied for user: 'snortdb@localhost.localdomain'
> (Using password: YES)
>
> I can connect the same way right on the server and get in. I've
> eliminated host ACL's as the cause. On the network level everything is
> fine. Could stunnel be somehow mangling the login process? I don't
> have much experience with stunnel or SSL in general so I'm at a loss
> here.
>
> Thanks in advance!
> Eric
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
--
Acid -- better living through chemistry.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010716160002.A80238>