Snort mailing list archives
RE: snort/Barnyard startup script
From: "Patrick S. Harper" <patrick () internetsecurityguru com>
Date: Wed, 7 Jul 2004 05:51:45 -0500
There is a file called S99snort in the contrib dir where you uncompressed the snort source files. Copy that to /etc/init.d and create a symlink in the run levels you want to run it in. For barnyard I just modified the snort init script, or you can just put it in rc.local (it would be better to use a script though) Patrick S. Harper | CISSP RHCT MCSE www.internetsecurityguru.com www.ntsug.org - Snort Users Group "If there is no light at the end of the tunnel, get down there and light the damn thing yourself!" -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Mike Cohen Sent: Tuesday, July 06, 2004 9:34 PM To: snort-users () lists sourceforge net Subject: [Snort-users] snort/Barnyard startup script Hello, Im fairly new to LInux, and have been tasked with building a snort sensor for our network. I have Suse 9 , snort 2.12 with Barnyard 0.2.0 and mysql up and running. None of the services (apache/mysql/barnyard/snort) are running when I start the server. I see that I can add apache and mysql to the various runlevels using Yast, but Im not quite sure how exactly to script the startup of snort and barnyard. Ive seen references to snortd, but I cant seem to find any definitive references to make snort a Daemon, other than the command line switch which would mean Id have to have it in a script somewhere. I have no experience with startup scripting of any kind other than dumping one liners in rc.local. I see that startup scripts would go in the appropriate runlevel folder, but is a startup script as simple as just typing in the snort start command with the proper switches, saving it a s afile and dumping it in the right rc.3, and rc.5 directories? From what I can gather there is more to it, and it looks like it involves some C coding (which I dont know). Can somone point me to the right direction? all the books mention using some runlevel editor tool, but that doesnt seem to apply to snort, since its not a distro installed service. any help or insight appreciated. thanks. Mike C. ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.715 / Virus Database: 471 - Release Date: 7/4/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.715 / Virus Database: 471 - Release Date: 7/4/2004 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort/Barnyard startup script Mike Cohen (Jul 06)
- RE: snort/Barnyard startup script Patrick S. Harper (Jul 07)
- Re: snort/Barnyard startup script Edin Dizdarevic (Jul 07)
- RE: snort/Barnyard startup script Patrick S. Harper (Jul 07)