 Start the MySQL client by typing "mysql". If you have restrictions,
 follow the format "mysql -u your_username -p" and it will then prompt
 you for your password.

If the root account does not already have a password, you can set one by 
typing in the following commands:

 # mysql -u root mysql
 mysql> UPDATE user SET Password=PASSWORD('new_password')
           WHERE user='root';
 mysql> FLUSH PRIVILEGES;

 While still at the "mysql>" prompt, type in the following commands
 sequentially. Change the your_password to your chosen MySQL password, this
 sequence will allow this user to connect to your MySQL server from any host
 except the localhost.

CREATE DATABASE snort;

grant UPDATE,DELETE,INSERT,SELECT on snort.* to snort identified by 'your_password';

# for more security, you should lock it down to a specific site by executing
# the following variation (with the IP address of the client that will be
# connecting to the DB substituted for the fake IP address) INSTEAD of the commands above:

grant UPDATE,DELETE,INSERT,SELECT on snort.* to snort@192.168.0.11 identified by 'your_password';

FLUSH PRIVILEGES;


Many times mysql databases come with default anonymous access users.  This can cause problems and
not allow access to the snort user.  In order to delete these anonymous accounts perform the following
commands at the mysql prompt:
(NOTE: make sure there are no other programs that need this access and that you are actually
experiencing trouble after performing the previous commands before performing the following)

use mysql;
DELETE FROM user WHERE User = '';
FLUSH PRIVILEGES;
exit;


------------------------

 If you've followed the previous steps your database is ready to accept the schema.
 From your /usr/local/demarc/install directory, run "./dm_load_db.pl", if you get any
 perl errors here, it's most likely due to uninstalled perl modules.

 It will prompt you as follows:
 > DB USER? >root
 > DB PASSWORD? >your_password
 > DB HOST? >localhost
 > DB NAME? >snort

 NOTE: Please make sure the DB user you specify has enough privileges to alter
       the database schema.  The default snort user we just created does not, 
       so a good choice here is usually "root".
       

 and return:

 > User: root
 > Password: your_password
 > Host: localhost
 > Name: snort
 >
 > Is this correct?[Y/n] >


 Type "y" and then press enter it should run through a series of queries
 without any errors.


Recommendations
-------------------

 To be more secure, you should have a different account for
 each sensor, and lock those accounts down to each host they are connecting
 from.


