[Snort-users] (2.4.4 and Ubuntu on 2.6.12) Odd install from source

Braley, Ron ron.braley at ...460...
Thu Mar 30 10:00:06 EST 2006


Rob,

In my experience, the .conf files get extracted into the installation
directory/etc (i.e. /usr/local/src/snort-2.4.4/etc).

Not only should you see the snort.conf file there, but threshold.conf
too.

I think library files are put in the proper locations during the
installation process - there's no need to do anything else but the
following:

a.  Put the executable file wherever you'd like it to be (/opt/snort/bin
for us . . .)
b.  Copy the snort.conf file from the extraction point/etc to wherever
you'd like it to be (i.e. /opt/snort/etc/)
c.  Download the rules and include this directory in the snort.conf file
d.  Start snort (manually or automatically) - remember to include the
location of the snort.conf file in the command (i.e.
#/opt/snort/bin/snort -i eth5 -c /opt/snort/etc/snort.conf -D

Hope that helps!

Ron Braley, Berbee
Datacenter Security Engineer



-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Rob Munsch
Sent: Thursday, March 30, 2006 11:21 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] (2.4.4 and Ubuntu on 2.6.12) Odd install from
source

'allo list,

I've had an odd problem installing 2.4.4 from source.  conf/make/make 
install goes smoothly, but only the binary itself - and the man page - 
actually 'go anywhere.'

I'm not sure if this is deliberate, but i've poked around the docs, 
checked the faq, and burned black candles at midnight - no success.  
Nothing goes to my /etc; no conf, nothing in init.d, nada.  Not the 
snort.conf itself nor any of the secondary conf files, nor is a rules 
dir created, nor /var/log/snort, etc.

The docs seem to assume these things'll be in place when you run, but 
there's no explicit manifesto of needed files.  I went and manually 
moved stuff around, created the dirs and files needed, etc., but i was 
sort of wondering about the whole thing.

Ubuntu seems to want to apt me 2.3.2, and it looks like there's a slew 
of bugfixes and whatnot in the 2.4 branch, so i'd rather go with latest 
stable source.  Is there a reason the various config files, and assorted

log/conf/rules directories, aren't created at install?  There doesn't 
seem to be any reference to them in the makefile, tho my understanding 
there is limited.

Praying fervently not to have caused a drink or three,

-- 
Rob Munsch
Solutions For Progress IT



-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting
language
that extends applications into web and mobile media. Attend the live
webcast
and join the prime developer group breaking into this new coding
territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list