richartes

Barnyard2 test fails with - ERROR: relations "schema" does not exist

12 posts in this topic

Barnyard2 test fails after making changes to barnyard2.conf given in instructions:

ERROR database:postgresql_error: ERROR: relations "schema" does not exist

LINE 1: SELECT vseq FROM schema

ERROR database: executing Select() with Query [SELECT vseq FROM schema]

ERROR: database problems with schema version, bailing...

Fatal Error,Quitting

barnyard2 exiting

ERROR database: database: postgresql_error: ERROR:   relations "sensor" does not exist

LINE 1: UPDATE sensor SET last_cid = 4294967295 WHERE sid = 0;

database: closing connection to database "snort"

Share this post


Link to post
Share on other sites

It appears you have not completed Configuring the PostgreSQL Database Server. Go back to that section and complete. It might be easier to just reinstall the database and start over?

Share this post


Link to post
Share on other sites

Morpheus

Thanks for the advice. Exactly where is the database file in winids?

I want to delete the database and reinstall. Where do I start over to reinstall the database?

After reinstalling the database I will go back and try redoing  Configuring the PostgreSQL Database Server.

Sorry for the naive questions!

Thanks again!!, Richartes

Share this post


Link to post
Share on other sites

Make SURE barnyard2 is not running, but it shouldn't be.

Uninstall the PostgreSQL server. You might be able to do this simply by running the PostgreSQL server install again, and choosing to uninstall. Remove everything the uninstall will allow. You can also go to the Add/Remove programs to uninstall.

After uninstall go to the d:/winids folder and delete the PostgreSQL folder, and reboot.

Go to the section titled Installing the PostgreSQL Database Server and complete.

Go to the section titled Configuring the PostgreSQL Database Server and complete.

At the CMD prompt type 'd:\winids\postgresql\bin\pg_ctl restart -w -t 10 -D d:\winids\postgresql\data\ -m f' (less the outside quotes), and tap the 'Enter' key.

Go to the section titled Configuring Barnyard2 checking to make sure Barnyard2 was correctly configured, and continue to complete tutorial.

Share this post


Link to post
Share on other sites

Morpheus,

Great! I found the error was in installing PostgreSQL (initially it ran out of disk space and I ignored it). Now everything works fine (lots of files fly through the barnyard2 box). However, when I try to get to the Console at http://winids, I get to a MS welcome screen for Internet Information Services. I tried going through the  Configuring IIS for the Windows Intrusion Detection Security Console installation section again but got the same result.  ???

Also after I closed the Barnyard2 box it disappeared from the task bar - where do I open it again? I  tried clicking on barnyard2.exe in the winids/barnyard2 folder and the box flashes on and then disappears. Says I need to tell it something to do?

Thanks Again!! Richartes

Share this post


Link to post
Share on other sites

Go to the section titled Configuring IIS for PHP, and the Windows Intrusion Detection Systems security console and complete.

Go to the section titled Testing IIS, and the PHP installation and complete.

 

To manually start Barnyard2:

Open a CMD window with Administrator privileges and type 'd:\winids\activators\start.bat' (less the outside quotes), and tap the 'Enter' key.

Closing the window will close Barnyard2. Shrink the Barnyard2 window to the task bar for normal operations.

 

Share this post


Link to post
Share on other sites

Morpheus,

More progress. I completed the two sections you suggested. Now http://winids goes to a page listing error 403.14 (see below). When I repeated the 

two sections, I noticed that initially I left the "base" directory off the "physical path" - so correcting that probably partially solved the problem.

Please let me know what to try next.

I also am having problems with Barnyard2. When I first got it to run in the box, it was listing a flow of info. Now it just sits there saying "Waiting for new data" (for hours),

even when I reboot. ???

I can start and shrink Barnyard2 now as you suggest.

Thanks for your help and patience!! Richartes

HTTP Error 403.14 - Forbidden

The Web server is configured to not list the contents of this directory.

Most likely causes:

  • A default document is not configured for the requested URL, and directory browsing is not enabled on the server.

Things you can try:

  • If you do not want to enable directory browsing, ensure that a default document is configured and that the file exists.
  • Enable directory browsing using IIS Manager.
    1. Open IIS Manager.
    2. In the Features view, double-click Directory Browsing.
    3. On the Directory Browsing page, in the Actions pane, click Enable.
  • Verify that the configuration/system.webServer/directoryBrowse@enabled attribute is set to true in the site or application configuration file.

Detailed Error Information:

Module    DirectoryListingModule
Notification    ExecuteRequestHandler
Handler    StaticFile
Error Code    0x00000000
Requested URL    http://winids:80/
Physical Path    d:\winids\inetpub\wwwroot\base
Logon Method    Anonymous
Logon User

   Anonymous

 

Share this post


Link to post
Share on other sites

Did you go to the section titled Testing IIS, and the PHP installation and complete?

Did the test.php display the PHP summary? 

Share this post


Link to post
Share on other sites

Morpheus,

Yes I completed  Testing IIS, and the PHP installation again. The PHP summary displays and reads as instructed.

Still same problems with barnyard2 waiting for data and http://winids going to ERROR page.

???

Thanks again, Richartes

Share this post


Link to post
Share on other sites
3 hours ago, richartes said:

Morpheus,

Yes I completed  Testing IIS, and the PHP installation again. The PHP summary displays and reads as instructed.

Still same problems with barnyard2 waiting for data and http://winids going to ERROR page.

???

Thanks again, Richartes

It is normal for Barnyard2 to stop at waiting for data. There needs to be events triggered to move past that.

To namually trigger events try this.

Share this post


Link to post
Share on other sites

Morpheus,

Tried the test data steps. Nothing responds. I can get Snort to spit out a stream of data if I run 'snort -i2' (i.e. x = 2). I get only two IDs of 1 and 2. The "x=1" does not give a data stream in snort.

Don't know if this is relevant. Still puzzled on how to proceed. Any more suggestions?

Richartes

PS: Should  'include $RULE_PATHtest.rules' listed in your instructions be changed to  'include $RULE_PATH/test.rules' ?

Share this post


Link to post
Share on other sites

You should have already set up the switch for the correct interface, and you shouldn't be guessing at this point in the tutorial.

The correct format, and has been fixed: 'include $RULE_PATH/test.rules'

At this point there have been so many problems that my suggestion it wipe the drive and start over fresh and follow the tutorial verbatim.

  

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now