[Snort-users] Oinkmaster installation for snort

Hubert Edward kIYIMBA hekiyimba at ...131...
Mon Mar 20 22:36:05 EST 2006


I installed oinkmaster to manage my snort rules. I configured it to send me mail after the download is complete and also to backup my old rules prior to downloading the new set.My rules are in directory /etc/snort and I am using snort version 2.3
   
  I have not received mail about the updates and the backup folder is empty. I checked in /var/log/messages and there was no message about oinkmaster.Please assist. 
   
  Below are my installation steps. 
   
  cd /usr/local/src/
  mkdir oinkmaster
  mv oinkmaster-1.2.tar.gz oinkmaster
  cd oinkmaster
  tar –zxvf oinkmaster-1.2.tar.gz
  cd oinkmaster 1.2
  cp oinkmaster.pl  /usr/bin
  cp oinkmaster.conf  /etc/
  cd contrib.
  cp makesidex.pl /etc
  chown -R snort:snort /etc/snort
  vi /etc/oinkmaster.conf
   
  At this stage I edited the line to look like below and inserted my oinkcode
   
  url = http://www.snort.org/pub-bin/oinkmaster.cgi/oinkcode /snortrules-snapshot-2.3.tar.gz
   
  cd /etc
  ./makesidex.pl /etc/snort/rules >autodisable.conf
  mkdir /etc/snort/backup
  chown -R snort:snort /etc/snort/backup
  cd /usr/bin
  touch oinkdaily
  chmod +x oinkdaily
  vi oinkdaily
   
  I added the following line to the oinkdaily file
  oinkmaster.pl -C /etc/oinkmaster.conf -C /etc/autodisable.conf -o /etc/snort/rules -b
  /etc/snort/backup 2>&1 | mail -s "oinkmaster" hkiyimba at ...13732... 
   
  Then I scheduled snort to download the rules
   
  crontab –u snort –e
  30 5 *  *  * /usr/bin/oinkdaily
   
  Any help will be appreciated
   
   

		
---------------------------------
 Yahoo! Mail
 Use Photomail to share photos without annoying attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20060320/43394cf6/attachment.html>


More information about the Snort-users mailing list