Snort mailing list archives
Re: Snort-users Digest, Vol 86, Issue 13
From: waldo kitty <wkitty42 () windstream net>
Date: Thu, 11 Jul 2013 05:59:58 -0400
On 7/11/2013 04:56, anagha b wrote:
I solved the root access problem by changing barnyard.conf but I am still not getting one point that I configured snort with user anagha and I have to run snort as root ? Can anybody give solution for it .
normal users do not have access to administration or system level objects... they do not need it and you do not want them to have such due to security risks... you also do not want to run snort as root or administrator in case it gets compromised... using the -u -g options does not run snort as root... you /start/ snort as root so it can have access to the system objects it needs to do its job and then it switches its user and group to those specified on the command line and runs as them... this is why it is recommended to set up a user specifically for snort (and maybe other services) that has no login capability... some systems set up a snort user and group specifically for snort to use... others may have a nobody user and group that several services use... snort might be one of those services along with httpd, smtpd and others... how you do this is up to you but the user used should not have login capabilities at all... in many cases, this is as easy as setting their shell to "/bin/false"... -- NOTE: No off-list assistance is given without prior approval. Please keep mailing list traffic on the list unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Snort-users Digest, Vol 86, Issue 13 anagha b (Jul 11)
- Re: Snort-users Digest, Vol 86, Issue 13 waldo kitty (Jul 11)