Snort mailing list archives
Re: Snort and Suse 8.2
From: Michael Schwartzkopff <misch () multinet de>
Date: Tue, 11 Nov 2003 16:23:01 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am Dienstag, 11. November 2003 15:59 schrieb Josh Berry:
On my configurations I set /etc/sysconfig/network/ifcfg-ethx to: DEVICE=ethx ONBOOT=yes USRCTL=no And that is all I put in them config file.Because of setting up Suse 8.2 for Snort I want to set one of the ethernet-interfaces in promiscuous mode. Which is not the problem ;-) The problem is I want to setup this ethernet-interface without an ip-address. Setting up with an ip-address causes snort changes var HOME_NET into $eth0_ADDRESS when I changed it to particular address ranges or even to any.
(...) In Suse 8.2 an old version (1.91) of snort is used. It will not understand the latest rules any more. I downloaded the latest rpm files from snort and installed it with rpm -i. There are some complaints about wrong version of libpng (?) but you can igore this. You have to adopt the SuSE init scripts to the location of the new snort, but you can use the SuSE variables file. It works with me ;-) - -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP-ID: 15F925D9CEF94F2C Fingerprint: AF27 2674 4631 E230 B431 F68D 15F9 25D9 CEF9 4F2C -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE/sP7VFfkl2c75TywRAqPHAJ0YNqflcv4kZgDaiX0tzRLwBhwZVwCfQ26b RmblyQu1x7dcaQUNZsrIS+0= =/GYD -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort and Suse 8.2 wbnt (Nov 11)
- Re: Snort and Suse 8.2 Josh Berry (Nov 11)
- Re: Snort and Suse 8.2 Michael Schwartzkopff (Nov 11)
- Re: Snort and Suse 8.2 Josh Berry (Nov 11)