Snort mailing list archives
Oinkmaster installation for snort
From: Hubert Edward kIYIMBA <hekiyimba () yahoo com>
Date: Mon, 20 Mar 2006 22:35:14 -0800 (PST)
I installed oinkmaster to manage my snort rules. I configured it to send me mail after the download is complete and also to back up my old rules prior to downloading the new set. My rules are in directory /etc/snort and I am using snort version 2.3. I have not received mail about the updates and the backup folder is empty. I checked in /var/log/messages and there was no message about oinkmaster. Please assist.

Below are my installation steps.

    cd /usr/local/src/
    mkdir oinkmaster
    mv oinkmaster-1.2.tar.gz oinkmaster
    cd oinkmaster
    tar zxvf oinkmaster-1.2.tar.gz
    cd oinkmaster-1.2
    cp oinkmaster.pl /usr/bin
    cp oinkmaster.conf /etc/
    cd contrib
    cp makesidex.pl /etc
    chown -R snort:snort /etc/snort
    vi /etc/oinkmaster.conf

At this stage I edited the line to look like below and inserted my oinkcode:

    url = http://www.snort.org/pub-bin/oinkmaster.cgi/oinkcode/snortrules-snapshot-2.3.tar.gz

    cd /etc
    ./makesidex.pl /etc/snort/rules >autodisable.conf
    mkdir /etc/snort/backup
    chown -R snort:snort /etc/snort/backup
    cd /usr/bin
    touch oinkdaily
    chmod +x oinkdaily
    vi oinkdaily

I added the following line to the oinkdaily file:

    oinkmaster.pl -C /etc/oinkmaster.conf -C /etc/autodisable.conf -o /etc/snort/rules -b /etc/snort/backup 2>&1 | mail -s "oinkmaster" hkiyimba () bou or ug

Then I scheduled snort to download the rules:

    crontab -u snort -e
    30 5 * * * /usr/bin/oinkdaily

Any help will be appreciated.
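A version of the oinkdaily wrapper that checks its own prerequisites and mails what it finds, as an added example that is not part of the original post. The paths and the oinkmaster.pl options (-C, -o, -b) are the ones quoted in the message; the OINK_* variable names, the "run" argument and the default recipient are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: oinkdaily wrapper with preflight checks (not the poster's script).
# Defaults are the paths from the post; the OINK_* overrides are hypothetical names.
CONF=${OINK_CONF:-/etc/oinkmaster.conf}
AUTODISABLE=${OINK_AUTODISABLE:-/etc/autodisable.conf}
RULES=${OINK_RULES:-/etc/snort/rules}
BACKUP=${OINK_BACKUP:-/etc/snort/backup}
OINKMASTER=${OINK_BIN:-/usr/bin/oinkmaster.pl}
MAILTO=${OINK_MAILTO:-root}   # placeholder recipient

# preflight: print one line per problem and return the number of problems found.
preflight() {
    problems=0
    for f in "$CONF" "$AUTODISABLE"; do
        [ -r "$f" ] || { echo "cannot read config: $f"; problems=$((problems + 1)); }
    done
    for d in "$RULES" "$BACKUP"; do
        if [ ! -d "$d" ]; then
            echo "missing directory: $d"; problems=$((problems + 1))
        elif [ ! -w "$d" ]; then
            echo "directory not writable by $(id -un): $d"; problems=$((problems + 1))
        fi
    done
    [ -x "$OINKMASTER" ] || { echo "not executable: $OINKMASTER"; problems=$((problems + 1)); }
    return "$problems"
}

# run_update: run the checks, then oinkmaster, and mail everything either way.
run_update() {
    # cron starts jobs with a minimal PATH, so set one explicitly.
    PATH=/usr/local/bin:/usr/bin:/bin; export PATH
    {
        if preflight; then
            "$OINKMASTER" -C "$CONF" -C "$AUTODISABLE" -o "$RULES" -b "$BACKUP"
            echo "oinkmaster exit status: $?"
        else
            echo "preflight failed, oinkmaster not run"
        fi
    } 2>&1 | mail -s "oinkmaster" "$MAILTO"
}

# Only act when called as "oinkdaily run", e.g. from the snort user's crontab.
if [ "${1:-}" = run ]; then run_update; fi
```

With this wrapper the crontab entry becomes `30 5 * * * /usr/bin/oinkdaily run`, and running the same command by hand as the snort user shows whether the mail arrives outside cron.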