[Snort-users] snort 2.0.0 rules

msmythe at ...9424... msmythe at ...9424...
Wed Jun 11 12:57:16 EDT 2003


Hi,
I use redhat 7.3, kernel 2.4.20.18-7 platform,with snort 2.0.0

I´m tryng to run form   [msmythe at ...9434... msmythe] directory, where i have a
snort and log directories. The error message says:
can not get write access to logging directory "var/log/snort". (directory
doesn´t exist or permissions are set incorrectly or it is not a directory as
all)
Fatal Error, Quitting..
.... i checked it out  in /var/log and snort directory doesn´t exist. Should
i create it?

OK, i´ll use snort instead of ./snort.

Another questions please:
1. must i have to use MySQL or ACID?...why?
2. exist another snort 2.0.0 rules file? or i downloaded with the last
release of snort 2.0.0.? . How can i use it?

 Thanks in advance.

----- Original Message -----
From: "Matt Kettler" <mkettler at ...4108...>
To: <msmythe at ...9424...>; <snort-users at lists.sourceforge.net>
Sent: Tuesday, June 10, 2003 6:58 PM
Subject: Re: [Snort-users] snort 2.0.0 rules


At 06:26 PM 6/10/2003 -0500, msmythe at ...9424... wrote:
>Hi everyone, i´m just known snort and i don´t know how set the rules or if
>exist rules file for 2.0.0.
>
>I install it by the book, but i can´t execute   ./snort -d -h
>xxx.xxx.xxx.xxx./24 -l ./log -c snort.conf   command

Define "can't execute".. what exactly happens when you try the above, what
exact error message do you get?

What platform are you using?

What directory are you in when you are trying to do this?

Why are you using ./snort instead of snort or /usr/bin/snort or some such
thing?. (the use of ./ means to only find snort in the current directory)

Is there a direcory named "log" in the directory you are running all this
from?





















More information about the Snort-users mailing list