[Snort-users] FW: Snort 2.8.6 & Snort Report 1.3.1 with "No Data..."

Jun Wan junwei_wan at ...125...
Wed Aug 25 19:01:39 EDT 2010


Hi,
 
Is anyone able to confirm the following (from the setup guide) , I think there might be errors with two red lines , which might be the root cause of "No Data" issue:
 
sudo tar zxvf barnyard2-1.8.tar.gz
cd barnyard2-1.8
sudo ./configure --with-mysql
sudo make
sudo make install
sudo cp etc/barnyard2.conf /usr/local/snort/etc
sudo mkdir /var/log/barnyard2
sudo chmod 666 /var/log/barnyard2
sudo touch /var/log/snort/barnyard2.waldo
sudo chown snort.snort /var/log/snort/barnyard2.waldo
 
 
These two red lines should be the following:
 
sudo cp /etc/barnyard2.conf /usr/local/snort/etc                                 the guide misses / in front of etc
 
sudo chown snort:snort /var/log/snort/barnyard2.waldo                        the guide misses : between two "snort" 
 
Would anyone please confirm if these are errors in the guide?  
 
Thanks again.
 
Regards
 
John
 

From: greglane at ...14965...
To: snort-users at lists.sourceforge.net
Date: Wed, 25 Aug 2010 08:09:55 -0500
Subject: [Snort-users] FW: Snort 2.8.6 & Snort Report 1.3.1 with "No Data..."






 
 

Greg Lane
IT Manager
Lane Enterprises
 
Email:  greglane at ...14965...
Phone: (228)872-2414
 


From: Greg Lane [mailto:greglane at ...14965...] 
Sent: Wednesday, August 25, 2010 8:09 AM
To: 'Jun Wan'
Subject: RE: [Snort-users] Snort 2.8.6 & Snort Report 1.3.1 with "No Data..."
 
I have had the same problem and even did a complete reinstall.  I have also installed BASE using a setup on the Ubuntu Forum.  I have everything running.  I know I’m getting traffic on my mirrored outside interface because I have run both TCPDUMP and Wireshark and have looked at the traffic and have run multiple scans against my outside IP address with nmap and still haven’t gotten a single alert of any kind.  If I’m not mistaken BASE should show any type of traffic that is coming in not just error but I could be wrong. 
 

Greg Lane
IT Manager
Lane Enterprises
 
Email:  greglane at ...14965...
Phone: (228)872-2414
 


From: Jun Wan [mailto:junwei_wan at ...125...] 
Sent: Tuesday, August 24, 2010 9:54 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort 2.8.6 & Snort Report 1.3.1 with "No Data..."
 

  Hi,
 
I have followed the instructions from : http://www.symmetrixtech.com/articles/004-snortinstallguide286.pdf, installation went very smoothly this time.
 
My Snort 2.8.6 with updated rules is running beautifully, but the Snort Report 1.3.1 produces no data.
 
Any information and help would be much appreciated.
 
Thanks.
 
Regards
 
John
 
 
 

------------------------------------------------------------------------------ Sell apps to millions through the Intel(R) Atom(Tm) Developer Program Be part of this innovative community and reach millions of netbook users worldwide. Take advantage of special opportunities to increase revenue and speed time-to-market. Join now, and jumpstart your future. http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________ Snort-users mailing list Snort-users at lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Sell apps to millions through the Intel(R) Atom(Tm) Developer Program Be part of this innovative community and reach millions of netbook users worldwide. Take advantage of special opportunities to increase revenue and speed time-to-market. Join now, and jumpstart your future. http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________ Snort-users mailing list Snort-users at lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100825/4e3fe479/attachment.html>


More information about the Snort-users mailing list