[Snort-users] Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users

waldo kitty wkitty42 at ...14940...
Sat Dec 1 11:38:57 EST 2012

On 12/1/2012 03:03, Tony Robinson wrote:
> On Debian:
> edit /etc/php5/apache/php.ini. You will have to enable the short_open_tag
> directive on line 226 by changing this line from "Off" to "On". Afterwards, if
> you restart apache, your web page should render fine and you should be able to
> see your intrusion events just fine.

why not just fix the short open tags to proper long tags?

> On CentOS 6.3
> you will have to make two edits if you have SELinux enabled and in enforcing mode:
> 1) you will have to edit /etc/php.ini and enable the short_open_tag directive on
> line 229. same as on Debian, change the option from "Off" to "On" and restart httpd.

and here again... why not make the change in the code so it is never a problem 
any more instead of requiring everyone else to change their configurations?

> 2) If you are running SELinux in enforcing mode, you will get file permission
> errors for srconf.php. this is because SELinux is preventing access to snort
> report files via the httpd process. to change this, enter the following command:
> chcon -R -t httpd_sys_rw_content_t snortreport-1.3.3/

that command doesn't look right... or is chcon a new command like chown and chmod??

More information about the Snort-users mailing list