[Snort-users] I sTarted from the beagining !!!!!!

Esler, Joel - Contractor joel.esler at ...9426...
Mon Sep 13 12:53:21 EDT 2004


Apply this rule after message arrives
If sender = juan fernandez
Send item to deleted items
Stop processing rules

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Juan
Fernandez
Sent: Monday, September 13, 2004 2:34 PM
To: 'Lance Boon'; snort-users at lists.sourceforge.net
Subject: [Snort-users] I sTarted from the beagining !!!!!!




I started from the beginning.

Do I need to install on the sensor also adodb,acid zlib pcre libpcap and
jpgraph?

Those pakages I allready installed on the management + Acid so I can
view the alerts. Do I need to Install them on the sensor too?

I think I need to install on the sensor just libpcap,
snort-mysql-2.1.3-0.fdr.1.i386.rpm and snort-2.1.3-0.fdr.1.i386.rpm

Please correnct me if im wrong !!!

Thanks 

-----Original Message-----
From: Lance Boon [mailto:lboon at ...11799...] 
Sent: Monday, September 13, 2004 8:37 PM
To: snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] I am using Petrick harper's guide still have
problems !!

May I offer a suggestion? 
1. Take the box and start over from scratch.
2. Print out Patrick Harpers install guide, then read it.
3. Take a highlighter and start from the very beginning, when you do
something highlight it and go to the next step. His guide is
designed/setup to help anyone get snort up and running and if you follow
it step by step you won't have a problem. If you have problems then I
would say you've missed a step someplace along the line.

Side note, is it just you that's going to be monitoring snort? From what
it sounds like to me if "he doesn't give a shit" is that he just wants
an ids system in place to say that "yes we are running an intrusion
detection system" to the higher ups. Once you get this up and running
you are going to be dealing with the day to day issues of running it and
that's a whole different ballgame.

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Juan
Fernandez
Sent: Monday, September 13, 2004 11:12 AM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] I am using Petrick harper's guide still have
problems !!




Hi, I spoke with him he doesn't give a shit.

Please help,

I downloaded and installed openssl-0.9.7a-20.2.1.src.rpm because when I
try to install snort-mysql-2.1.3-1.i386.rpm it asked for
libmysqlclient.so.10 an so in tried to install
ibmysqlclient12-4.0.20-67426cl.i386.rpm but this requested:

[root at ...12378... snortinstall]# rpm -ivh
libmysqlclient12-4.0.20-67426cl.i386.rpm
error: Failed dependencies:
        libcrypto.so.0.9.7 is needed by libmysqlclient12-4.0.20-67426cl
        libssl.so.0.9.7 is needed by libmysqlclient12-4.0.20-67426cl


installing open ssl didn't helped....


I also tried find libcrypto and libssl on the net but there isnt any for
fedora.

They don't exist in the distribution cd neither.

Thanks !!!
-----Original Message-----
From: Alex Butcher, ISC/ISYS [mailto:Alex.Butcher at ...11254...] 
Sent: Monday, September 13, 2004 6:24 PM
To: Juan Fernandez; 'snort-users at lists.sourceforge.net'
Subject: RE: [Snort-users] I am using Petrick harper's guide still have
pr oblems !!



--On 13 September 2004 18:17 +0300 Juan Fernandez 
<Juan.Fernandez at ...2210...> wrote:

> I agree with you.
>
> But my boss dosen't care,
>
> I must bring up those machines somehow !!!

Just tell him that 4 books cost about the same as a day or two of your
time.

Best Regards,
Alex.
-- 
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9



-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM. 
Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM. 
Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list