[EMAIL PROTECTED] writes:
> Hello,
>
> It appears that the file /etc/snort/snort.conf generated by naat is buggy.
> We must add the definition of 3 new variables HTTP_PORTS, ORACLE_PORTS and
>SHELLCODE_PORTS to allow snort to compile correctly the rule files (resp.
>web_cgi.rules (and associat
Sorry, package snf-fr-8.2-11mdk
Regards
Marc Bethenod
Florin <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] writes:
>
>> Hello,
>>
>> It appears that the file /etc/snort/snort.conf generated by naat is buggy.
>> We must add the definition of 3 new variables HTTP_PORTS, ORACLE_PORTS and
>SHELLC
[EMAIL PROTECTED] writes:
> Hello,
>
> It appears that the file /etc/snort/snort.conf generated by naat is buggy.
> We must add the definition of 3 new variables HTTP_PORTS, ORACLE_PORTS and
>SHELLCODE_PORTS to allow snort to compile correctly the rule files (resp.
>web_cgi.rules (and associat
Hello,
It appears that the file /etc/snort/snort.conf generated by naat is buggy.
We must add the definition of 3 new variables HTTP_PORTS, ORACLE_PORTS and
SHELLCODE_PORTS to allow snort to compile correctly the rule files (resp.
web_cgi.rules (and associates), misc.rules and shellcode.rules).
AIL PROTECTED]>
-Original Message-
From: Florin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 19, 2001 7:26 PM
To: [EMAIL PROTECTED]
Subject: Re: [Cooker-firewall] SNORT STILL DOESN'T WORK
> I am really upset. I sent this bug/fix in for RC1 and again for RC2, and
> then
> I am really upset. I sent this bug/fix in for RC1 and again for RC2, and
> then for the last test version and you still haven't fixed it. When
> installing the Firewall by default snort DOES NOT HAVE the proper
> permissions to the /var/log/snort directory. I was told by the Mandrake team
> e
I am really upset. I
sent this bug/fix in for RC1 and again for RC2, and then for the last test
version and you still haven't fixed it. When installing the Firewall by default
snort DOES NOT HAVE the proper permissions to the /var/log/snort directory. I
was told by the Mandrake team each tim
Stephen Thomas <[EMAIL PROTECTED]> writes:
> When running on a system with a dial up connection and the modem drops sync
> and has to redial snort needs to be restarted. My ISP drops sync every 12
> hours and the modem redials. When I connect again it gives me a new IP
> address. Since snort
When running on a system with a dial up connection and the modem drops sync
and has to redial snort needs to be restarted. My ISP drops sync every 12
hours and the modem redials. When I connect again it gives me a new IP
address. Since snort doesn't seem to reinitialize, it dies.
There is so
cool, thanks.
-Original Message-
From: philippe Libat [mailto:[EMAIL PROTECTED]]
Sent: March 16, 2001 4:02 AM
To: [EMAIL PROTECTED]
Cc: Cooker-Firewall (E-mail)
Subject: Re: [Cooker-firewall] snort?
"R.I.P. Deaddog" a écrit :
>
> 1. rpm -e --nodeps snort
>
"R.I.P. Deaddog" a écrit :
>
> 1. rpm -e --nodeps snort
>
> 2. install your MySQL
> 3. recompile snort source rpm to use newest mysql
> 4. install the generated snort binary rpm
>
> Abel Cheung
>
> On Thu, 15 Mar 2001, Gene Moreau wrote:
>
> > What ever version shipped with
1. rpm -e --nodeps snort
2. install your MySQL
3. recompile snort source rpm to use newest mysql
4. install the generated snort binary rpm
Abel Cheung
On Thu, 15 Mar 2001, Gene Moreau wrote:
> What ever version shipped with Beta 4. I think Snort is 1.7.1mdk-i386
>
> It loo
e: [Cooker-firewall] snort?
You failed to tell us what version you are running, also you migth just
have to get the srpm buecause the rpm
you have might have been compiled agenst another set of librarys.
-John
> what happened to snort in this version?
>
> it gives me the error
>
>
You failed to tell us what version you are running, also you migth just
have to get the srpm buecause the rpm
you have might have been compiled agenst another set of librarys.
-John
> what happened to snort in this version?
>
> it gives me the error
>
> snort: error in loading shared librarie
what happened to snort in this version?
it gives me the error
snort: error in loading shared libraries: libmysqlclient.so.9: cannot open
share
d object file: No such file or directory
what library is that from? I've tried loading a bunch, but can't seem to
find the right one.
Gene Moreau
I
As I said in the original message, it is working. I did go into snortd and
set the ethernet port to the one I want to monitor. 1.6.3 is what came with
beta 3. snort.conf does not exist in /etc or /etc/snort. The RPM that came
with beta 3 uses a file that's called rules.something and calls an i
Snort 1.7 was put into contribs if I recall.. I made the rpm for it. as for
the config I would look in /etc/snort/snort.conf Also there are docs
in /usr/share/doc/snort-1.7 if I recall. As for the Network card
you want it to listen on go to
/etc/rc.d/init.d/snortd and edit that file there is a
OK, I've got Snort installed and I think it is runnig. It is generating logs.
I have a few questions questions.
1. How can I test it? I've tried running a port scanner against it and
IDSwakeup but neither one of them gernerate any log entries.
2. How do I configure it? I did go in and change
t; work to monitor our Internet Servers and WAN.
>
> -John
>
> - Original Message -
> From: <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, March 02, 2001 5:38 AM
> Subject: [Cooker-firewall] Snort
>
> > I understand that snort is in
gt;
To: <[EMAIL PROTECTED]>
Sent: Saturday, March 03, 2001 3:42 PM
Subject: [Cooker-firewall] Snort
> Did someone answer my question on how to configure Snort in Mandrake
> Firewall? I posted it from work and won't be back there until Monday.
>
> Thanks,
> Steve
>
>
yep. John Johnson.
repeated for FYI:
Reply-to:"John Johnson" <[EMAIL PROTECTED]>
From:"John Johnson" <[EMAIL PROTECTED]>
To:<[EMAIL PROTECTED]>
Subject:Re: [Cooker-firewall] Snort
Date:Fri, 2 Mar 2001 08:24:03 -0800
/etc/snort/snort
Did someone answer my question on how to configure Snort in Mandrake
Firewall? I posted it from work and won't be back there until Monday.
Thanks,
Steve
22 matches
Mail list logo
