[Snort-users] I am using Petrick harper's guide still have pr oblems !!

jrhendri at ...9784... jrhendri at ...9784...
Tue Sep 14 08:54:06 EDT 2004

Whoa there Juan... Take a breath!

You are getting frustrated and that is not helping you solve the problem.

You are trying to install an application you are not familiar with, on an operating system you are not familiar with, using a set of documentation that is not specific to what you are trying to do...

(oh, and yeah, it's all *free* including the direct support of the development and user community)

It looks to me like you are set up to fail, so please don't blame the application, the documentation, or the OS.

My suggestion (not that you asked :-) is that you:
1) sit down with your boss and admit that you are having problems due to your lack of experience with the products. There is no shame there, your boss should think well of you for being straightforward.
2) decide together what your need is (timeframe included) for getting an IDS working. This should also include what amount of your time and other resources (money included) that you and your boss are willing to spend.
3) Based on #2, you can then determine the best course. 
  It may be that you should hire someone who has the experience you lack (and use them to help you learn). 
  It may be that you should simply purchase a pre-configured system. 
  It may be that you and your boss are willing to let you take the time necessary to:
 - get some basic experinece with Linux, specifically with installing packages on whatever distribution you choose (I usually prefer building from source, but that's just me.)
- get some experience with a simple configuration of the applications (snort, etc.) before you try to configure a more complex system.

Please also realize that even if you buy a canned IDS and have someone else install it, you will need to learn how to use it on your network or you will simply become *much more* frustrated than you are now by the alerts that come pouring in that you do not understand. I believe that some (relaxed) time (playing) with snort will help you learn what is (and is not) normal on your net.

Whatever course you choose, I wish you well (I personally hope you can take the time to learn how to configure it yourself. I believe you will learn a lot and enjoy the experience if you are not under unrealistic expectations. And whether or not you come to like linux, it will make a better admin of you.

Best of luck!


----- Original Message -----
From: Juan Fernandez <Juan.Fernandez at ...2210...>
Date: Monday, September 13, 2004 1:03 pm
Subject: RE: [Snort-users] I am using Petrick harper's guide still have pr oblems !!

> I tried the command an hour ago:
> This is what I recive:
> [root at ...12378... snortinstall]# yum install openssl
> Gathering header information file(s) from server(s)
> Server: Fedora Core 1 - i386 - Base
> Server: Fedora Core 1 - i386 - Released Updates
> Finding updated packages
> Downloading needed headers
> openssl is installed and is the latest version.
> No actions to take
> I cant belive this is happening to me....
> I found that it says the same about allmount all the dependencis 
> in looking
> for.
> I cant belive I will need to reinstall a sensor just because of 
> dependencisproblems. Now I understand why nobody uses Linux.
> Maybe to insert the distribution cd's and install every package ?
> I must get it working !!!
> Thanks !!

More information about the Snort-users mailing list