Re: More ACID BASE Help

[Jeremy Hoel <jthoel () gmail com>]

It won't be in a directory.. it should just be a bin by itself.

When you build from source, if you do 'make install' as root or as sudo ,
it should but the binary somewhere, normally /usr/local/bin

On Thu, May 16, 2013 at 1:17 PM, Shaun Marlin <shaun.marlin () canalta com>wrote:

> No there is no barnyard2 binary in /usr/local/bin****
>
> ** **
>
> I to find the file, but was not able to find a barnyard2 directory.****
>
> ** **
>
> *From:* Jeremy Hoel [mailto:jthoel () gmail com]
> *Sent:* Wednesday, May 15, 2013 10:05 PM
> *To:* snort-users () lists sourceforge net
>
> *Subject:* Re: [Snort-users] More ACID BASE Help****
>
> ** **
>
> Is there a barnyard2 binary in /usr/local/bin?   ****
>
> ** **
>
> when you did make install in the /usr/src/barnyard2 directory was there
> any errors?****
>
> ** **
>
> Have you tried an 'updatedb' and 'locate barnyard2 | grep bin'****
>
> ** **
>
> Also - please keep replies to the list so that others may learn or help.**
> **
>
> ** **
>
> Thanks!****
>
> On Thu, May 16, 2013 at 3:35 AM, Shaun Marlin <shaun.marlin () canalta com>
> wrote:****
>
> Now that I have that in place, I have tried to run snort and barnyard using
> ****
>
>  ****
>
> Now start snort and barnyard with these commands:****
>
> *# /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i
> eth0 &*
>
> *# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d
> /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G
> /etc/snort/gen-msg.map -S*
>
> */etc/snort/sid-msg.map -C /etc/snort/classification.config &*
>
> * *
>
> *But when I run the second command I get *
>
> * *
>
> *root@######:/usr/src# /usr/local/bin/barnyard2 -c
> /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log
> /etc/snort/sid-msg.map -C /etc/snort/classification.config &
> [2] 350
> root@######:/usr/src# -bash: /usr/local/bin/barnyard2: No such file or
> directory*
>
> * *
> ------------------------------
>
> *From:* Jeremy Hoel [jthoel () gmail com]
> *Sent:* Wednesday, May 15, 2013 8:42 PM
> *To:* Shaun Marlin
> *Cc:* snort-users () lists sourceforge net
> *Subject:* Re: [Snort-users] More ACID BASE Help****
>
> Look in the barnyard2-* folder in /usr/src; there should a folder called
> etc and in there is the default barnyard2.conf ****
>
> ** **
>
> ** **
>
> you could run '*mv etc/barnyard2.conf /etc/snort'*****
>
> ** **
>
> ** **
>
> On Thu, May 16, 2013 at 2:21 AM, Shaun Marlin <shaun.marlin () canalta com>
> wrote:****
>
> Hi there again,****
>
>  ****
>
> So I was directed to use this document
> http://s3.amazonaws.com/snort-org/www/assets/167/deb_snort_howto.pdf,
> which to its credit has worked well so far.  Right now I am stumped on this
> section.****
>
>  ****
>
> *4. Install & configure Barnyard2*****
>
> *# cd /usr/src && wget
> https://github.com/firnsy/barnyard2/archive/master.tar.gz*****
>
> *# tar -zxf master.tar.gz && cd barnyard2-******
>
> *# autoreconf -fvi -I ./m4 && ./configure --with-mysql && make && make
> install*****
>
> *# mv /usr/local/etc/barnyard2.conf /etc/snort*****
>
> *# cp schemas/create_mysql /usr/src*****
>
>  ****
>
> When I run the command****
>
> *mv /usr/local/etc/barnyard2.conf /etc/snort*****
>
>  ****
>
> I get the following error****
>
> *root@#####:/usr/src/barnyard2-master# mv /usr/local/etc/barnyard2.conf
> /etc/snort*****
>
> *mv: cannot stat `/usr/local/etc/barnyard2.conf': No such file or
> directory*****
>
>  ****
>
> I looked in that folder and there was no barnyard2.conf file at all.****
>
>  ****
>
> Other than that it is going fine****
>
>  ****
>
> Can someone tell my why I can't find barnyard2.conf, or better yet where
> it is located when installed on Debian 7?****
>
>  ****
>
> Thanks****
>
> -Shaun****
>
> ** **
>
> *Shaun Marlin*
> Network Administrator
>
>
> *Canalta Family of Companies*****
>
> 2109 - 545 Highway 10 East
> Drumheller AB Canada T0J 0Y0
> PHONE: (403) 820-3865
> CELL:     (403) 334-1313  ****
>
> EMAIL:   shaun.marlin () canalta com
> WEB:      www.canalta.com
>
>  ****
>
> ** **
>
>
>
> ------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!****
>
> ** **
>
> ** **

------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!