[Snort-devel] Snort-1.8p1-0.i386.rpm

Dusty Evans DEvans at ...532...
Fri Jul 13 17:38:49 EDT 2001


I have installed the rpm onto a Red Hat 7.0 Box and it starts up and runs but is not generating an alert file in /var/log/snort as the previous 1.7 version did.  It is writing to the portscan.log and generating the exploit directories containing the packet captures.

The startup snortd script from my /etc/rc.d/init.d is below:

#!/bin/sh

# snortd Start/Stop the snort IDS daemon.

# chkconfig: 2345 40 60
# description: snort is a lightweight network intrusion detection tool that
 currently detects more than 1100 host and network
 vulnerabilities, portscans, backdoors, and more.

# June 10, 2000 -- Dave Wreski <dave at ...533...>
 - initial version

# July 08, 2000 Dave Wreski <dave at ...534...>
 - added snort user/group
 - support for 1.6.2

# Source function library.
. /etc/rc.d/init.d/functions

# Specify your network interface here
INTERFACE=eth0

# See how we were called.
case "$1" in
 start)
 echo -n "Starting snort: "
 daemon /usr/sbin/snort -u snort -g snort -s -d -D \
 -i $INTERFACE -l /var/log/snort/ -c /etc/snort/snort.conf
 touch /var/lock/subsys/snort
 echo
 ;;
 stop)
 
Do you have any ideas?

Thanks,


Dusty Evans
Computer Specialist
USDA-ARS, MSA
JWDSRC Federal Building
141 Experiment Station Road, Room 136
P.O. Box 225
Stoneville, MS  38776

Voice (662) 686-5339
Fax (662) 686-5373

devans at ...535...
or
devans at ...532...





More information about the Snort-devel mailing list