Snort mailing list archives
Re: Re-Compiling Snort?
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 17 Feb 2014 18:27:00 +0000
./configure —enable-sourcefire should get you the best default options. On Feb 17, 2014, at 1:13 PM, Y M <snort () outlook com<mailto:snort () outlook com>> wrote: Hi Matt, Snort's support for MySQL is deprecated since Snort version 2.9.3. What probably you want is to output to unified2 format and let Barnyard2 parse the logs and insert them into the database. If the sole purpose of recompiling Snort is to add MySQL support, then you do not need to reconfigure things. If you are configuring Snort version 2.9.6.0 for the dynamic plugin, you may get this (I do): configure: WARNING: unrecognized options: --enable-dynamicplugin I believe this is built-in/hardened now, but I am not sure . You may find more information about this in the changelog. Regarding the reconfiguration in general, you can reconfigure Snort on the same box , then use make clean, make install and the compiled binary should be replaced. YM ________________________________ To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> From: MMartin () jwpepper com<mailto:MMartin () jwpepper com> Date: Mon, 17 Feb 2014 12:51:20 -0500 Subject: [Snort-users] Re-Compiling Snort? Hey All, Installed Version: Snort v2.9.6.0 OS: OpenSuSE 12.3 (x86_64) I have already downloaded/installed and configured Snort on my server running OpenSuSE 12.3, and everything seems to be working just fine. But when I compiled/configured Snort I did NOT include any of the MySQL Options, in order to configure MySQL for BASE and Barnyard2. But I would like to get these 'add-ons' for Snort going if I can. So would I be able to Re-Compile/Re-Configure Snort and just replace whichever files would need replacing after re-compiling, if possible... Does that make sense? I don't believe I included any options along with the "./configure" command(s) when I ran them initially, as far as I remember... I did find this guide below for Configuring Snort with BASE, Barnyard2, Oinkmaster, and MySQL. But I didn't find this until after I already installed Snort. This is the Guide I found --> http://freelinuxtutorials.com<http://freelinuxtutorials.com/tutorials/installing-ids-using-snort-with-oinkmaster-barnyard-and-base-on-rhelcentos-64-bit/> And the command I SHOULD have run when I first configured Snort to include MySQL was: ./configure –with-mysql –enable-dynamicplugin –with-mysql-libraries=/usr/lib64/mysql I already have all the prerequisites installed, so could anyone tell me what I would need to do if I want to achieve this? Would I just re-run the configure, make and make install commands with the appropriate command line options this time, on a fresh copy of Snort and just replace the already existing files..? Any thoughts or suggestions would be much appreciated! Thanks in Advance, Matt ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re-Compiling Snort? MMartin (Feb 17)
- Re: Re-Compiling Snort? Y M (Feb 17)
- Re: Re-Compiling Snort? Joel Esler (jesler) (Feb 17)
- Re: Re-Compiling Snort? MMartin (Feb 17)
- Re: Re-Compiling Snort? Y M (Feb 17)