[Snort-users] Oinkmaster installation for snort
Hubert Edward kIYIMBA
hekiyimba at ...131...
Mon Mar 20 22:36:05 EST 2006
I installed oinkmaster to manage my snort rules. I configured it to send me mail after the download is complete and also to back up my old rules prior to downloading the new set. My rules are in directory /etc/snort and I am using snort version 2.3.
I have not received mail about the updates and the backup folder is empty. I checked in /var/log/messages and there was no message about oinkmaster. Please assist.
Below are my installation steps.
mv oinkmaster-1.2.tar.gz oinkmaster
tar zxvf oinkmaster-1.2.tar.gz
cd oinkmaster 1.2
cp oinkmaster.pl /usr/bin
cp oinkmaster.conf /etc/
cp makesidex.pl /etc
chown -R snort:snort /etc/snort
At this stage I edited the line to look like below and inserted my oinkcode
url = http://www.snort.org/pub-bin/oinkmaster.cgi/oinkcode /snortrules-snapshot-2.3.tar.gz
./makesidex.pl /etc/snort/rules >autodisable.conf
chown -R snort:snort /etc/snort/backup
chmod +x oinkdaily
I added the following line to the oinkdaily file
oinkmaster.pl -C /etc/oinkmaster.conf -C /etc/autodisable.conf -o /etc/snort/rules -b /etc/snort/backup 2>&1 | mail -s "oinkmaster" hkiyimba at ...13732...
Then I scheduled snort to download the rules
crontab -u snort -e
30 5 * * * /usr/bin/oinkdaily
Any help will be appreciated