Re: Snort on Suse Linux - snortd paths

[Manuel Balderrábano <manuelb () tol-project org>(by way of Manuel Balderrábano <garibolo () wanadoo es>)]

For some reason I coludn't send it before, here it is:

Hi, I use Snort on SuSE 8.2 and 9.0.
Are you using the snort version that comes with SuSE?

If the answer is yes, you just have to select the interface and little more 
in /etc/sysconfig/snort and everything else in /etc/snort/snort.conf

If you are installing a different version of Snort, you should first remove 
the snort package, then compile and install snort from source. Then what I do 
is:

mkdir /etc/snort; mkdir /var/log/snort
cp snort-source/etc/*  /etc/snort; cp -R snort-source/rules /etc/snort
And change the variable RULE_PATH to:
var RULE_PATH rules
in /etc/snort/snort.conf

To start the service, run snort -c /etc/snort/snort.conf or just use the 
S99snort script that comes under the contrib dir in the snort source.

Don't forget to configure your rules!

Regards.

El Jueves, 29 de Abril de 2004 10:38, Neil Wellard escribió:
> Anyone out there installed Snort on Suse Linux 8.x?
>
> The snortd file contains the following path to the function library:
>
> /etc/rc.d/init.d/functions
>
> which doesn't seem to exist on Suse Linux (well, on my installation anyway).
>
> What should I change this path to, if anything? Do I need it at all or 
> can I comment it out?
>
> Same goes for the path to the local configuration file, which is 
> immediately below the function library line. That points to:
>
> /etc/sysconfig/snort
>
> which, again, doesn't exist on my system. What should I be pointing this to?
>
> Many thanks in advance
>
> Neil
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: Oracle 10g
> Get certified on the hottest thing ever to hit the market... Oracle 10g. 
> Take an Oracle 10g class now, and we'll give you the exam FREE. 
> http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-- 
---------------------------------------------------
Manuel Balderrábano López de Tejada

                               Bayes Decision, S.L.
c/ Gran Vía, Nº39, 5º, E-28013 MADRID
 Tfn (91) 532.74.40, Fax (91) 532.26.36
---------------------------------------------------
email: garibolo () wanadoo es
---------------------------------------------------




-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149&alloc_id66&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users