Hi,

First, this is my first time posting to an OpenBSD mailing list... So "Hi Everybody!"

Now my current issue...

Am building a firewall (OpenBSD 3.8) for our company and have used a ports install of Snort (FLAVOR=mysql) for intrusion detection. It all works fine except that I want the communication between Snort (on firewall) and Mysql Server (currently my desktop for testing) to be encrypted. In the past I had done this on OpenBSD using Stunnel with mysql 3.xx.xx. I'm trying to get it all going with ssl enabled mysql client and server.

I have done a ports install of mysql-client (libmysqlclient.so.12.0) and have set up the certificates. I can make an encrypted connection to the mysql server from the OpenBSD firewall using the ports built mysql client so I guess that much is set up correctly. I have a my.cnf in /etc with just the following lines currently:

[client]
ssl-ca=/etc/mysql/openssl/cacert.pem
ssl-cert=/etc/mysql/openssl/client-cert.pem
ssl-key=/etc/mysql/openssl/client-key.pem

What I can't figure out is how to get Snort to use ssl for its mysql connection. Have now spent about 4 working days on this, searched the Internet for answers but have not found much and finally decided to try asking here. It's probably something simple that is staring me right in the face but I seem to be blind to it.

If anyone could please point me to documentation which will explain to me how snort needs to be built on OpenBSD 3.8 to have ssl enabled mysql connections that would be wonderful. Straight out answers on what I need to do will also be gleefully accepted. I'm happy to provide more information on my setup as needed, please just ask.

Thanks for your time!

Chris

--

Number 41 Media Corporation
Suite 103 - 645 Fort Street
Victoria BC V8W 1G2

T 250.414.0410
F 250.414.0411
