Snort mailing list archives

Snort in Debian 6.0.9 with Barnyard2


From: chozy fachrul <fahrul_chozy () live com>
Date: Sat, 19 Jul 2014 06:07:49 +0800

Hi all...
I'm Oji from Indonesia (State Polytechnic of Ujung Pandang). I have a
final project about IDS, and I tried to install snort, barnyard2, and
pulledpork. When I install snort, pulledpork, and base, everything is
fine.

But I have a problem when I try to install barnyard2. Here are the details:

- Debian 6.0.9 x86

- I use these commands to install barnyard2:

apt-get -y install git
git clone https://github.com/firnsy/barnyard2.git
cd barnyard2
autoreconf -fvi -I ./m4
locate update
locate libmysqlclient
# Use the /usr/lib/$DIR path for the libmysqlclient in the next command, this will
# vary per CPU architecture
./configure --with-mysql --with-mysql-libraries=$DIR
make
make install
mv /usr/local/etc/barnyard2.conf /etc/snort
cp schemas/create_mysql /usr/src



I think it is similar to the commands that I found in the ids deb snort pdf document (created by jason weir):

# cd /usr/src && wget https://nodeload.github.com/firnsy/b...tarball/master
# tar -zxf master && cd firnsy-barnyard2-*
# autoreconf -fvi -I ./m4 && ./configure --with-mysql && make && make install
# mv /usr/local/etc/barnyard2.conf /etc/snort
# cp schemas/create_mysql /usr/src



I found a problem in: Use the /usr/lib/$DIR path for the libmysqlclient
in the next command. It shows an error, so I just use this command:

usr/lib#./configure --with-mysql --with-mysql-libraries=/usr/lib

and it runs well, but when I want to run Barnyard it shows an error:

#/usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort \
  -f snort.log -w /etc/snort/bylog.waldo -C /etc/snort/classification.config &

"ERROR: SetChroot: Can not chdir to "/usr/local/bin/barnyard2": Not a directory"

PS: important files and directories:

/etc/snort/rules
/etc/snort/barnyard2.conf
/etc/snort/snort.conf



Please help. I attach my snort.conf and barnyard2.conf files...

Thanks

Attachment: files.zip