[Snort-users] Issues with install Snort 2.9.3.1 Barnyard2 -1.9

Jimmy Ford Jimmy.Ford at ...15764...
Mon Aug 20 16:04:11 EDT 2012


Trying to install snort (yes I am a newbie) using (http://wiki.aanval.com/wiki/Community:Ubuntu_12.04,_Snort,_Barnyard2,_Pulledpork,_and_Aanval_Installation_Guide) as a guideline. I have mysql installed etc.  The issue I have is snort doesn't seem to want to start (no process daemon running) so I started snort with the test switch and get:

        --== Initialization Complete ==--

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.3.1 IPv6 GRE (Build 40)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2012 Sourcefire, Inc., et al.
           Using libpcap version 1.1.1
           Using PCRE version: 8.12 2011-01-15
           Using ZLIB version: 1.2.3.4

           Rules Engine: SF_SNORT_DETECTION_ENGINE  Version 1.16  <Build 18>
           Rules Object: misc  Version 1.0  <Build 1>
           Rules Object: icmp  Version 1.0  <Build 1>
           Rules Object: bad-traffic  Version 1.0  <Build 1>
           Rules Object: web-iis  Version 1.0  <Build 1>
           Rules Object: snmp  Version 1.0  <Build 1>
           Rules Object: imap  Version 1.0  <Build 1>
           Rules Object: web-activex  Version 1.0  <Build 1>
           Rules Object: web-misc  Version 1.0  <Build 1>
           Rules Object: nntp  Version 1.0  <Build 1>
           Rules Object: netbios  Version 1.0  <Build 1>
           Rules Object: specific-threats  Version 1.0  <Build 1>
           Rules Object: exploit  Version 1.0  <Build 1>
           Rules Object: dos  Version 1.0  <Build 1>
           Rules Object: p2p  Version 1.0  <Build 1>
           Rules Object: chat  Version 1.0  <Build 1>
           Rules Object: multimedia  Version 1.0  <Build 1>
           Rules Object: web-client  Version 1.0  <Build 1>
           Rules Object: smtp  Version 1.0  <Build 1>
           Preprocessor Object: SF_SSLPP (IPV6)  Version 1.1  <Build 4>
           Preprocessor Object: SF_DCERPC2 (IPV6)  Version 1.0  <Build 3>
           Preprocessor Object: SF_DNP3 (IPV6)  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNS (IPV6)  Version 1.1  <Build 4>
           Preprocessor Object: SF_SDF (IPV6)  Version 1.1  <Build 1>
           Preprocessor Object: SF_MODBUS (IPV6)  Version 1.1  <Build 1>
           Preprocessor Object: SF_POP (IPV6)  Version 1.0  <Build 1>
           Preprocessor Object: SF_FTPTELNET (IPV6)  Version 1.2  <Build 13>
           Preprocessor Object: SF_IMAP (IPV6)  Version 1.0  <Build 1>
           Preprocessor Object: SF_SIP (IPV6)  Version 1.1  <Build 1>
           Preprocessor Object: SF_REPUTATION (IPV6)  Version 1.1  <Build 1>
           Preprocessor Object: SF_SSH (IPV6)  Version 1.1  <Build 3>
           Preprocessor Object: SF_SMTP (IPV6)  Version 1.1  <Build 9>
           Preprocessor Object: SF_GTP (IPV6)  Version 1.1  <Build 1>

Snort successfully validated the configuration!
Snort exiting

So I'm guessing that is okay.

Barnyard2 on the other hand I get this:

root at ...15765...:/usr/local/src/snort# service barnyard2 start
$Starting Snort Output Processor (barnyard2): /etc/init.d/barnyard2: 35: /etc/init.d/barnyard2: barnyard2: Permission denied

root at ...15765...:/usr/local/src/snort#


Any help is greatly appreciated, I can send configs offline if you wish.
Thank you,
Jimmy L Ford


________________________________
Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120820/e6a6d88c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 70 bytes
Desc: image001.gif
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120820/e6a6d88c/attachment.gif>


More information about the Snort-users mailing list