[Snort-users] problem starting snort..kindly help

Joel Esler joel.esler at ...1935...
Mon May 28 20:00:03 EDT 2007


I am looking at your history file here, and it looks like you  
descended into the snort dir, and did a config, but you never did a  
make nor a make install.

Kinda need to do that.



joel esler | security consultant | Sourcefire | pgp  key is public



On May 28, 2007, at 7:26 PM, pearl carlo wrote:

> Hi Scott, atkins, and rmkml
>
> here is what i did after downloading the required packages to / 
> local/usr/src
>
> 43  cd /usr/local
>    44  tar zxvf src/pcre-7.1.tar.gz
>    45  cd pcre-7.1
>    46  ./configure
>    47  make
>    48  make install
>    49  cd ..
>    50  tar zxvf src/libnet-1.0.2a.tar.gz
>    51  cd Libnet-1.0.2a/
>    52  ./configure
>    53  make
>    54  make install
>    55  cd ..
>    56  tar zxvf src/libpcap-0.9.4.tar.gz
>    57  cd libpcap-0.9.4/
>    58  ./configure
>    59  make
>    60  make install
>    61  cd ..
>    62  tar zxvf src/snort-2.6.1.5.tar.gz
>    63  cd snort-2.6.1.5/
>
> In between here i installed mysql through rpm (devel and admin)
>
>    78  ./configure --enable-flexresp --with-mysql --enable- 
> dynamicplugin
>    79  mkdir /etc/snort
>    80  mkdir /var/log/snort
>    81  tar zxvf /usr/local/src/snortrules-snapshot-CURRENT.tar.gz  - 
> C /etc/snort
>    82  cp etc/*.conf* /etc/snort
>    83  cp etc/*.map /etc/snort
>    84  ln -s /usr/local/bin/snort /usr/sbin/snort
>    85  groupadd snort
>    86  useradd -g snort snort
>    87  chown snort:snort /var/log/snort
>    88  vi /etc/snort/snort.conf
>    89  vi /etc/snort/snort.conf
>  here i have chaged the RULE_PATH in the snort.conf file
>
>
>
>   112  service mysqld status
>   113  service mysqld start
>
> here i had some problems related to mysql , sorted those out and  
> continued
> setting mysql
> it took the schema and no problems creating database here
>
>   164  /usr/local/bin/snort -c /etc/snort/snort.conf
>  at this stage i get the message
> bash: /usr/local/bin/snort: No such file or directory
>
>   whereis snort
> or
> whereis snort.conf
> gives me
> snort: /usr/sbin/snort /etc/snort
>
> and if i give
> /usr/sbin/snort -c /etc/snort/snort.conf i get the follwing
> bash: /usr/local/bin/snort: No such file or directory
>
> tail -f /var/log/messages gives me following
>
> May 28 15:54:53 localhost last message repeated 50 times
> May 28 15:55:55 localhost last message repeated 50 times
> May 28 15:56:57 localhost last message repeated 50 times
> May 28 15:57:59 localhost last message repeated 50 times
> May 28 15:59:01 localhost last message repeated 50 times
> May 28 16:00:03 localhost last message repeated 50 times
> May 28 16:01:05 localhost last message repeated 50 times
> May 28 16:02:07 localhost last message repeated 50 times
> May 28 16:03:09 localhost last message repeated 50 times
> May 28 16:04:11 localhost last message repeated 50 times
>
> Is it that i need to uninstall the packages and relaod the rpm  
> based version..
> can somebody give me clue to progress further and give me some idea  
> what is going on and where could be the mistake...
>
> appreciating for your time ..
>
> pearl
>
>
>
>
>
>
> "Atkins, Dwane P" <ATKINSD at ...9240...> wrote:
> Pearl,
>
> If you do a tail -f /var/log/messages, do you see any errors?  Did  
> you try and reconfigure it with the --with-mysql?
>
>
> From: pearl carlo [mailto:pearlcarlo at ...131...]
> Sent: Mon 5/28/2007 1:29 AM
> To: Atkins, Dwane P
> Subject: RE: [Snort-users] problem starting snort..kindly help
>
> i am trying to install snort 2.6.1.5
>
>
> "Atkins, Dwane P" <ATKINSD at ...9240...> wrote:
>
> What version are you trying to install? I can only guess since I am
> rather new, but you may want to attempt to ./configure --with-mysql
> Make
> Make install
>
>
> -----Original Message-----
> From: snort-users-bounces at lists.sourceforge.net
> [mailto:snort-users-bounces at lists.sourceforge.net] On Behalf Of pearl
> carlo
> Sent: Sunday, May 27, 2007 10:29 PM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] problem starting snort..kindly help
>
> hi all
> i have installed all the required packages and has set up the database
> also successfully in mysql but now after doing all the hardwork when i
> am trying to start the snort by writing the following
> /usr/local/bin/snort -c /etc/snort/snort.conf
>
> i get the following message ..i am unable to understand what i am
> missing
> bash: /usr/local/bin/snort: No such file or directory
>
> and when i cd to directory structure ....it really do not exist...i  
> hope
> that is suppose to be created by snort during installation..
>
> kindly help..i have wasted quite a time on that
> pearl
>
>
> ________________________________
>
> Bored stiff?
> Loosen up...
> Download and play hundreds of games for free
> on Yahoo!
> Games.
>
> Be a better Globetrotter. Get better travel answers from someone  
> who knows.
> Yahoo! Answers - Check it out.
>
>
> Need a vacation? Get great deals to amazing places on Yahoo! Travel.
> ---------------------------------------------------------------------- 
> ---
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/ 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20070528/342b909b/attachment.html>


More information about the Snort-users mailing list