"Wesley M." <open...@e-solutions.re> writes:

> Perhaps, this can be helpful ;-)
> http://www.procyonlabs.com/guides/openbsd/snort/

It's possible it's quite valid for the Snort parts, but unfortunately
this HOWTO shows several of the features typical of docs maintained by
people who are not, in fact, terribly familiar with OpenBSD:

First off, consider the statement

   "One thing a lot of people overlook is patching their OpenBSD
    system(s). This is because it is a major pain in the ass. "

Show of hands, how many of the people here agree with that statement?

Next, the only part of the system he considers important enough to patch
is the kernel.  (OpenBSD has patches for all parts of the base system;
the only patch so far for 4.9 is for bind, not the kernel).

He then moves on to rebuild all packages locally from the ports tree,
but there are no indications that he builds special flavors that are not
already available as downloadable packages.

And finally, he then proceeds to download -- to /usr/src of all places
-- the source archives for Snort and supporting software (which may or
may not be due to some appropriate reason such as the packages (aka
ports) lagging behind upstream), builds and installs them.

All this while working as root (not a sudo in sight, but this may be one
of my grumpier nights). 

If you find this is a useful document, it would be a very smart move to
prod its author to check that the information is still up to date and to
make any changes that are necessary for OpenBSD 5.0. It's only been two
months, but even busy and forgetful people who take an active interest
*should* be able to find the time for keeping their stuff up to date.

As others have said here earlier, any document that claims to be about
OpenBSD and does not live somewhere on http://www.openbsd.org/ should
be treated with caution; one of the things to look out for is some basic
familiarity with OpenBSD such as the points (possibly minor) I pointed
out earlier.

Cheers,
Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
