Snort mailing list archives

Re: problem starting snort..kindly help

From: pearl carlo <pearlcarlo () yahoo com>
Date: Mon, 28 May 2007 18:10:17 -0700 (PDT)

hi everybody

i actually went ahead and reinstalled after uninstalling and this time i did not do it
with dynamic plugin and it worked.
thanks everyone for time..

ps: Joel.. i checked your mail now. i guess that would have been a problem..i actually did config couple of times in 
between by uninstalling it and cleaning it at that time it did not work..now i shall try with dynamic plugin too..



Joel Esler <joel.esler () sourcefire com> wrote: I am looking at your history file here, and it looks like you 
descended into the snort dir, and did a config, but you never did a make nor a make install.

Kinda need to do that.
 




joel esler | security consultant | Sourcefire | pgp  key is public



 

On May 28, 2007, at 7:26 PM, pearl carlo wrote:

Hi Scott, atkins, and rmkml

here is what i did after downloading the required packages to /local/usr/src
 
43  cd /usr/local
   44  tar zxvf src/pcre-7.1.tar.gz 
   45  cd pcre-7.1
   46  ./configure
   47  make
   48  make install
   49  cd ..
   50  tar zxvf src/libnet-1.0.2a.tar.gz 
   51  cd Libnet-1.0.2a/
   52  ./configure
   53  make
   54  make install
   55  cd ..
   56  tar zxvf src/libpcap-0.9.4.tar.gz 
   57  cd libpcap-0.9.4/
   58  ./configure
   59  make
   60  make install
   61  cd ..
   62  tar zxvf src/snort-2.6.1.5.tar.gz 
   63  cd snort-2.6.1.5/
  
In between here i installed mysql through rpm (devel and admin)

   78  ./configure --enable-flexresp --with-mysql --enable-dynamicplugin
   79  mkdir /etc/snort
   80  mkdir /var/log/snort
   81  tar zxvf /usr/local/src/snortrules-snapshot-CURRENT.tar.gz  -C /etc/snort
   82  cp etc/*.conf* /etc/snort
   83  cp etc/*.map /etc/snort
   84  ln -s /usr/local/bin/snort /usr/sbin/snort
   85  groupadd snort
   86  useradd -g snort snort
   87  chown snort:snort /var/log/snort
   88  vi /etc/snort/snort.conf
   89  vi /etc/snort/snort.conf
 here i have chaged the RULE_PATH in the snort.conf file
 

  
  112  service mysqld status
  113  service mysqld start
  
here i had some problems related to mysql , sorted those out and continued
setting mysql
it took the schema and no problems creating database here

  164  /usr/local/bin/snort -c /etc/snort/snort.conf 
 at this stage i get the message
bash: /usr/local/bin/snort: No such file or directory
 
  whereis snort  
or
whereis snort.conf
gives me 
snort: /usr/sbin/snort /etc/snort

and if i give 
/usr/sbin/snort -c /etc/snort/snort.conf i get the follwing
bash: /usr/local/bin/snort: No such file or directory

tail -f /var/log/messages gives me following

May 28 15:54:53 localhost last message repeated 50 times
May 28 15:55:55 localhost last message repeated 50 times
May 28 15:56:57 localhost last message repeated 50 times
May 28 15:57:59 localhost last message repeated 50 times
May 28 15:59:01 localhost last message repeated 50 times
May 28 16:00:03 localhost last message repeated 50 times
May 28 16:01:05 localhost last message repeated 50 times
May 28 16:02:07 localhost last message repeated 50 times
May 28 16:03:09 localhost last message repeated 50 times
May 28 16:04:11 localhost last message repeated 50 times

Is it that i need to uninstall the packages and relaod the rpm based version..
can somebody give me clue to progress further and give me some idea what is going on and where could be the mistake...

appreciating for your time ..

pearl






"Atkins, Dwane P" <ATKINSD () uthscsa edu> wrote:     Pearl,
  
 If you do a tail -f /var/log/messages, do you see any errors?  Did you try and reconfigure it with the --with-mysql?  
  

 
 
---------------------------------
 From: pearl carlo [mailto:pearlcarlo () yahoo com]
Sent: Mon 5/28/2007 1:29 AM
To: Atkins, Dwane P
Subject: RE: [Snort-users] problem starting snort..kindly help


 i am trying to install snort 2.6.1.5


"Atkins, Dwane P" <ATKINSD () uthscsa edu> wrote:  
What version are you trying to install? I can only guess since I am
rather new, but you may want to attempt to ./configure --with-mysql
Make
Make install


-----Original Message-----
From: snort-users-bounces () lists sourceforge net
[mailto:snort-users-bounces () lists sourceforge net] On Behalf Of pearl
carlo
Sent: Sunday, May 27, 2007 10:29 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] problem starting snort..kindly help

hi all 
i have installed all the required packages and has set up the database
also successfully in mysql but now after doing all the hardwork when i
am trying to start the snort by writing the following
/usr/local/bin/snort -c /etc/snort/snort.conf

i get the following message ..i am unable to understand what i am
missing
bash: /usr/local/bin/snort: No such file or directory

and when i cd to directory structure ....it really do not exist...i hope
that is suppose to be created by snort during installation..

kindly help..i have wasted quite a time on that
pearl


________________________________

Bored stiff? 
Loosen up...
Download and play hundreds of games for free
on Yahoo!
Games.

  

---------------------------------
 Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out. 

       


---------------------------------
Need a vacation? Get great deals to amazing places on Yahoo! 
Travel.-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
 




       
---------------------------------
Building a website is a piece of cake. 
Yahoo! Small Business gives you all the tools to get online.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

problem starting snort..kindly help pearl carlo (May 27)
- <Possible follow-ups>
- Re: problem starting snort..kindly help pearl carlo (May 28)
  - Re: problem starting snort..kindly help Joel Esler (May 28)
    - Re: problem starting snort..kindly help pearl carlo (May 28)