[Snort-users] HELP: setting up SnortSam runs Snort+BASE+Barnyard

Rachmat Hidayat Al-Anshar rachmat_hidayat_02 at ...131...
Wed Oct 31 22:49:29 EDT 2007

Hi all, 

I'm on my research deploying SnortSam with Snort-2.8.0 (BASE and Barnyard installed). The packages are:
- snortsam-patch-2.8
- snortsam-src-2.52

There is something that I want to ask, 

I had been used unified output plugin to used with Barnyard, so I can use MySQL and BASE. The active response with SnortSam, have another output plugin on Snort that have to use, so it can connect to SnortSam agent run on firewall host to block the malicious traffic.  What I have to do with Snort output plugin, so I can use both of them? Is it fine, to use two output plugin in a configuration file?

I have no problem with patching the Snort, but, when I run 'aclocal' to recompile Snort, I get this messages:

 /usr/share/aclocal/xdelta.m4:7: warning: underquoted definition of AM_PATH_XDELTA 
 run info '(automake)Extending aclocal'   
 or see http://sources.redhat.com/automake/automake.html#Extending%20aclocal

What should I do?

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20071031/42f78fce/attachment.html>

More information about the Snort-users mailing list