[Snort-users] More snort problems

McCammon, Keith Keith.McCammon at ...3497...
Tue Jul 9 06:37:35 EDT 2002


Well, first of all, you're much better off downloading snort and installing from the source code.

1) Download from www.snort.org, gunzip snort.tar.gz, tar -xf snort.tar, and you're left with a directory containing the source.

2) Move it to /usr/local, or wherever you want.

3) Change to the source directory, and do ./configure, make, make install.  This is also in the USAGE file.

4) Install done.  Now create a logging directory, and you're all set.

Now just read the docs, and run Snort with the appropriate command-line arguments--use the full path to all binaries and config files.

Also, not that it's any of my business, you don't sound all that comfortable with the operating system itself.  This is surely slowing you down and causing some frustration.  Learn FreeBSD first, then move on to securing it, scripting, etc., then start the IDS work.  Once you get Snort running, you're going to have a bear of time testing and tweaking without some knowledge of BSD scripting for shortcuts.  For example, while I concur that the package does install things in some backwards, useless places, you can find everything you need with a simple "find / -name "snort*" -print" and run as is.

Hope this helps.

Cheers

Keith  
--------------------------------------------------------
1. I cant find snort.conf (or any snort file for that matter)

2. Permissions?

I made a directory called snort in /var/log to see if it would fix it and then I did the command snort  -h 172.16.0.1/10 -c snort.conf -l/snort/ -dev
still an error message!  




More information about the Snort-users mailing list