Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] problem starting snort..kindly help

from [pearl carlo] Network Security [Permanent Link]
Subject: Re: [Snort-users] problem starting snort..kindly help
Date: Mon, 28 May 2007 18:10:17 -0700 (PDT) 
hi everybody

i actually went ahead and reinstalled after uninstalling and this time i did 
not do it
with dynamic plugin and it worked.
thanks everyone for time..

ps: Joel.. i checked your mail now. i guess that would have been a problem..i 
actually did config couple of times in between by uninstalling it and cleaning 
it at that time it did not work..now i shall try with dynamic plugin too..



Joel Esler <joel.esler@sourcefire.com> wrote: I am looking at your history file 
here, and it looks like you descended into the snort dir, and did a config, but 
you never did a make nor a make install.

Kinda need to do that.
 




joel esler | security consultant | Sourcefire | pgp  key is public



 

On May 28, 2007, at 7:26 PM, pearl carlo wrote:

Hi Scott, atkins, and rmkml

here is what i did after downloading the required packages to /local/usr/src
 
43  cd /usr/local
   44  tar zxvf src/pcre-7.1.tar.gz 
   45  cd pcre-7.1
   46  ./configure
   47  make
   48  make install
   49  cd ..
   50  tar zxvf src/libnet-1.0.2a.tar.gz 
   51  cd Libnet-1.0.2a/
   52  ./configure
   53  make
   54  make install
   55  cd ..
   56  tar zxvf src/libpcap-0.9.4.tar.gz 
   57  cd libpcap-0.9.4/
   58  ./configure
   59  make
   60  make install
   61  cd ..
   62  tar zxvf src/snort-2.6.1.5.tar.gz 
   63  cd snort-2.6.1.5/
  
In between here i installed mysql through rpm (devel and admin)

   78  ./configure --enable-flexresp --with-mysql --enable-dynamicplugin
   79  mkdir /etc/snort
   80  mkdir /var/log/snort
   81  tar zxvf /usr/local/src/snortrules-snapshot-CURRENT.tar.gz  -C /etc/snort
   82  cp etc/*.conf* /etc/snort
   83  cp etc/*.map /etc/snort
   84  ln -s /usr/local/bin/snort /usr/sbin/snort
   85  groupadd snort
   86  useradd -g snort snort
   87  chown snort:snort /var/log/snort
   88  vi /etc/snort/snort.conf
   89  vi /etc/snort/snort.conf
 here i have chaged the RULE_PATH in the snort.conf file
 

  
  112  service mysqld status
  113  service mysqld start
  
here i had some problems related to mysql , sorted those out and continued
setting mysql
it took the schema and no problems creating database here

  164  /usr/local/bin/snort -c /etc/snort/snort.conf 
 at this stage i get the message
bash: /usr/local/bin/snort: No such file or directory
 
  whereis snort  
or
whereis snort.conf
gives me 
snort: /usr/sbin/snort /etc/snort

and if i give 
/usr/sbin/snort -c /etc/snort/snort.conf i get the follwing
bash: /usr/local/bin/snort: No such file or directory

tail -f /var/log/messages gives me following

May 28 15:54:53 localhost last message repeated 50 times
May 28 15:55:55 localhost last message repeated 50 times
May 28 15:56:57 localhost last message repeated 50 times
May 28 15:57:59 localhost last message repeated 50 times
May 28 15:59:01 localhost last message repeated 50 times
May 28 16:00:03 localhost last message repeated 50 times
May 28 16:01:05 localhost last message repeated 50 times
May 28 16:02:07 localhost last message repeated 50 times
May 28 16:03:09 localhost last message repeated 50 times
May 28 16:04:11 localhost last message repeated 50 times

Is it that i need to uninstall the packages and relaod the rpm based version..
can somebody give me clue to progress further and give me some idea what is 
going on and where could be the mistake...

appreciating for your time ..

pearl






"Atkins, Dwane P" <ATKINSD@uthscsa.edu> wrote:     Pearl,
  
 If you do a tail -f /var/log/messages, do you see any errors?  Did you try and 
reconfigure it with the --with-mysql?  
  

 
 
---------------------------------
 From: pearl carlo [mailto:pearlcarlo@yahoo.com]
Sent: Mon 5/28/2007 1:29 AM
To: Atkins, Dwane P
Subject: RE: [Snort-users] problem starting snort..kindly help


 i am trying to install snort 2.6.1.5


"Atkins, Dwane P" <ATKINSD@uthscsa.edu> wrote:  
What version are you trying to install? I can only guess since I am
rather new, but you may want to attempt to ./configure --with-mysql
Make
Make install


-----Original Message-----
From: snort-users-bounces@lists.sourceforge.net
[mailto:snort-users-bounces@lists.sourceforge.net] On Behalf Of pearl
carlo
Sent: Sunday, May 27, 2007 10:29 PM
To: snort-users@lists.sourceforge.net
Subject: [Snort-users] problem starting snort..kindly help

hi all 
i have installed all the required packages and has set up the database
also successfully in mysql but now after doing all the hardwork when i
am trying to start the snort by writing the following
/usr/local/bin/snort -c /etc/snort/snort.conf

i get the following message ..i am unable to understand what i am
missing
bash: /usr/local/bin/snort: No such file or directory

and when i cd to directory structure ....it really do not exist...i hope
that is suppose to be created by snort during installation..

kindly help..i have wasted quite a time on that
pearl


________________________________

Bored stiff? 
Loosen up...
Download and play hundreds of games for free
on Yahoo!
Games.

  

---------------------------------
 Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out. 

       


---------------------------------
Need a vacation? Get great deals to amazing places on Yahoo! 
Travel.-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
 




       
---------------------------------
Building a website is a piece of cake. 
Yahoo! Small Business gives you all the tools to get online.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-users] problem starting snort..kindly help, Joel Esler
Next by Date:  [Snort-users] ADODB/BASE SET UP: snort on fedora 6.0, pearl carlo
Previous by Thread:  Re: [Snort-users] problem starting snort..kindly help, Joel Esler
Next by Thread:  [Snort-users] ADODB/BASE SET UP: snort on fedora 6.0, pearl carlo
Indexes:  [Date] [Thread] [Top] [All Lists]