[Snort-users] CEREBUS 1.2 Alert Browser and Data Correlator

Phil Wood cpw at ...440...
Tue Aug 27 12:18:13 EDT 2002


Hi,

I see you are in A squared.  I spent a few years there back in the 60 - 70
time frame.

If I change to directory snort and run a find or two:

  % find . -name "*.map" -print
  ./etc/gen-msg.map
  ./etc/sid-msg.map

  % find . -iname "*.map" -print
  ./etc/gen-msg.map
  ./etc/sid-msg.map

You can see the results.

I didn't use / as a path because I knew where to look.

The commands you used below all had a syntax problem.
You might want to switch to M$.

On Tue, Aug 27, 2002 at 02:49:29PM -0400, Donofrio, Lewis wrote:
> No, No, this is not a rant really, its I'm just trying to find the map
> file to run this program on my old snort install (rolled-custom
> distribution with no apps, no gcc, no nothing, just a firewall, three
> nics, snort, etc)
> 
> So far the errors I'm still getting are:
> root at ...6724.../# 
> root at ...6724.../# find / -iname "*.map" - - print
                                       ^  ^
> find: invalid predicate `-'
> root at ...6724.../# find / > -iname "*.map" - - print
                        ^                ^  ^
> find: invalid predicate `-'
> root at ...6724.../# find / > -iname "*.map" -print
You just created a file called "-iname"
> find: *.map: No such file or directory
> root at ...6724.../# 
> root at ...6724.../# 
> root at ...6724.../# 
> root at ...6724.../# find / > -iname "*.map"       
ditto
> find: *.map: No such file or directory
> root at ...6724.../# find . > -iname "*.map"
ditto
> find: *.map: No such file or directory
> root at ...6724.../# locate map
> bash: locate: command not found
> root at ...6724.../# locate .map
> bash: locate: command not found
> root at ...6724.../# locate *.map
> bash: locate: command not found
> root at ...6724.../# locate snort
> bash: locate: command not found
> 
> --oh well...
> ______________________________________________________________________ 
> Lewis	Donofrio at ...1052...	College of Literature, Science, & Arts 
> 1007 East Huron, Room 201,	BetaID:243340	Cell: (734) 323-8776
> Ann Arbor,MI 48104-1690	www.umich.edu/~donofrio	 Fax: (734) 647-8333 
> 
> 
> > -----Original Message-----
> > From: Michael Boman [mailto:michael.boman at ...4162...] 
> > Sent: Tuesday, August 27, 2002 1:37 PM
> > To: dr at ...381...; Donofrio, Lewis; snort-users at lists.sourceforge.net
> > Subject: Re: [Snort-users] CEREBUS 1.2 Alert Browser and Data 
> > Correlator
> > 
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > On Tuesday 27 August 2002 18:19, Dragos Ruiu wrote:
> > > P.s. call me a grumpy old unix guy but I hate extra typing 
> > :-), so i'd 
> > > use:
> > >
> > > find / | grep map
> > >
> > > (-print is the default action of find)
> > 
> > <rant>
> > Under Linux, FreeBSD maybe - but on my SunOS 5.6 I need to 
> > specify '-print', 
> > so I do it just out of habbit. And I belive -iname "*.map" is 
> > faster then 
> > grep'ing for it..
> > </rant>
> > 
> > If it was a few days since you installed it you can probibly 
> > do something like 
> > 'locate map' for quicker result.
> > 
> > > On August 27, 2002 04:47 pm, Michael Boman wrote:
> > > > On Wednesday 28 August 2002 00:05, Donofrio, Lewis wrote:
> > > > > --Sorry but I'm having a hard time getting LS in Linux 
> > to do the 
> > > > > same as DIR /s *.map does in DOS6.22
> > > >
> > > > Dunno if this is a rant or just a .signature - but anyway:
> > > >
> > > > find <directory where to start looking. Usually '.' or 
> > '/'> -iname 
> > > > "*.map" -print
> > 
> > Best regards
> >   Michael Boman
> > 
> > - -- 
> > Michael Boman
> > Security Architect, SecureCiRT (A SBU of Z-Vance Pte Ltd) 
> http://www.securecirt.com -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE9a7jQds5fQJiraJwRAriSAJ0S92ZrfRMdW8OBFDlGzfPEb9AU+QCbBYlq
> Z7kINcnWlz6vUHQbHQAIxE0=
> =ORcl
> -----END PGP SIGNATURE-----
> 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list

-- 
Phil Wood, cpw at ...440...





More information about the Snort-users mailing list