Snort mailing list archives

Re: Snort 1.8 on Redhat 7.1

From: "frogball" <frogball () war-games org>
Date: Thu, 26 Jul 2001 09:35:20 -0400

The script below was created by the RPM package for 1.7 and still works for
1.8. Put it into a file called "snortd", in the /etc/init.d directory. Edit
it for your configuration and paths. Then run "chkconfig --add snortd" and
the links for the various rc directories will be created for you. Then
reboot or run "/etc/init.d/snortd start".

Frogball



Begin /etc/init.d/snortd--------------
#!/bin/sh
#
# snortd         Start/Stop the snort IDS daemon.
#
# chkconfig: 2345 40 60
# description:  snort is a lightweight network intrusion detection tool that
#               currently detects more than 1100 host and network
#               vulnerabilities, portscans, backdoors, and more.
#
# June 10, 2000 -- Dave Wreski <dave () linuxsecurity com>
#   - initial version
#
# July 08, 2000 Dave Wreski <dave () guardiandigital com>
#   - added snort user/group
#   - support for 1.6.2

# Source function library.
. /etc/rc.d/init.d/functions

# Specify your network interface here
INTERFACE=eth0

# See how we were called.
case "$1" in
  start)
        echo -n "Starting snort: "
        daemon /usr/local/snort/snort  -A full -d -D \
                -i $INTERFACE -N -c /usr/local/snort/snort.conf
        touch /var/lock/subsys/snort
        echo
        ;;
  stop)
        echo -n "Stopping snort: "
        killproc snort
        rm -f /var/lock/subsys/snort
        echo
        ;;
  restart)
        $0 stop
        $0 start
        ;;
  status)
        status snort
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
esac

exit 0

End------------




----- Original Message -----
From: "Larry E. Smith Jr." <lsmithjr () monster-solutions net>
To: <snort-users () lists sourceforge net>
Sent: Wednesday, July 25, 2001 1:56 PM
Subject: [Snort-users] Snort 1.8 on Redhat 7.1

can anyone tell me how to get snort to start on bootup for Redhat Linux

7.1?

Also how to monitor another server from the snort server? Meaning if I

want

to monitor a win2k server from a linux snort server.

thnaks!



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort 1.8 with MYSQL support for WIN32 Johnson, David (Jul 25)
- Re: Snort 1.8 with MYSQL support for WIN32 Larry E. Smith Jr. (Jul 25)
  - Snort 1.8 on Redhat 7.1 Larry E. Smith Jr. (Jul 25)
    - Re: Snort 1.8 on Redhat 7.1 frogball (Jul 26)
- <Possible follow-ups>
- RE: Snort 1.8 with MYSQL support for WIN32 Frank Knobbe (Jul 25)