[Snort-users] Problem with test script for Cisco vulnerability

Bennett Todd bet at ...6163...
Mon Jul 21 14:44:29 EDT 2003


2003-07-21T14:26:30 CMartin at ...9696...:
> I tried to implement this script to test my snort rules; however, it appears
> that I don't have hping in my /usr/local/sbin directory or not in my /sbin
> directory.  I am running redhat v9.

As others have mentioned, download from <URL:http://www.hping.com/>
and build yourself. If you want an rpm install, I have a spec file
I'll be glad to pass you. It's trivial.

> Also I get the following error when I try to run the script (sh
> exploit.sh).
>
> exploit.sh: line 8: syntax error near unexpected token `('
> exploit.sh: line 8: `foreach protocol (53 55 77 103)'

The exploit script as posted was in tcsh, which has a different
syntax from sh.

> But also an interesting note, my whole /usr/local/sbin is empty.

/usr/local is reserved for non-packaged software. rpms are normally
properly written to install into /usr/sbin, /usr/bin, and so forth.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030721/a47597ef/attachment.sig>


More information about the Snort-users mailing list