Snort mailing list archives
Re: More ACID BASE Help
From: Jeremy Hoel <jthoel () gmail com>
Date: Thu, 16 May 2013 23:08:02 +0000
I'm pretty sure that comes with the rule tarball. Did you grab the rules file? Also, look at pullpork vs oinkmaster. And, if you are running this as a test, you might check out secuirtyonion, as it does all this for you and helps get you up and running quickly.. On Thu, May 16, 2013 at 10:55 PM, Shaun Marlin <shaun.marlin () canalta com>wrote:
Ok, so I have hit yet another wall. /etc/snort/gen-msg.map does not exist on the SNORT install at all. I have looked in over a dozen places thinking it could be there. I have also looked at various places to have it created using the likes of OINKmaster, but I cannot get it to generate. I’m really sorry for being a pain.**** ** ** ** ** *Shaun Marlin* Network Administrator *Canalta Family of Companies* 2109 - 545 Highway 10 East Drumheller AB Canada T0J 0Y0 PHONE: (403) 820-3865 CELL: (403) 334-1313 EMAIL: shaun.marlin () canalta com WEB: www.canalta.com *From:* Jeremy Hoel [mailto:jthoel () gmail com] *Sent:* Thursday, May 16, 2013 3:55 PM *To:* Shaun Marlin *Cc:* snort-users () lists sourceforge net *Subject:* Re: [Snort-users] More ACID BASE Help**** ** ** Ok.. you can see in the error that you have something listed twice.**** ** ** remove the -S option. please try some things out before you keep coming back to the list.. the problems a lot of times are in the error message.** ** On Thu, May 16, 2013 at 9:53 PM, Shaun Marlin <shaun.marlin () canalta com> wrote:**** Ok, so I launch barnyard now, and I get this…**** **** root@SENTRY:/usr/src/barnyard2-master# Running in Continuous mode**** **** --== Initializing Barnyard2 ==--**** Initializing Input Plugins!**** Initializing Output Plugins!**** Parsing config file "/etc/snort/barnyard2.conf"**** ERROR: The sid map file was included two times command line (-S) [/etc/snort/sid-msg.map] and in the configuration file (config sid_map) [/etc/snort/sid-msg.map].**** It only need to be defined once.**** Fatal Error, Quitting..**** Barnyard2 exiting**** **** *From:* Jeremy Hoel [mailto:jthoel () gmail com] *Sent:* Thursday, May 16, 2013 3:40 PM**** *To:* Shaun Marlin *Cc:* snort-users () lists sourceforge net**** *Subject:* RE: [Snort-users] More ACID BASE Help**** **** With a make and make install and no errors?**** Then yes.. Check /usr/local/bin**** ** **
------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: More ACID BASE Help, (continued)
- Re: More ACID BASE Help Jeremy Hoel (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)
- Re: More ACID BASE Help Jeremy Hoel (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)
- Re: More ACID BASE Help Jeremy Hoel (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)
- Re: More ACID BASE Help Jeremy Hoel (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)
- Re: More ACID BASE Help Jeremy Hoel (May 16)
- Re: More ACID BASE Help beenph (May 21)
- Re: More ACID BASE Help Gregory W. MacPherson (May 16)
- Re: More ACID BASE Help Shaun Marlin (May 16)