Snort mailing list archives
webmin - snort (fwing again)
From: "Rahul" <shadhanker () gmx net>
Date: Sat, 16 Aug 2003 11:01:40 +0530
Hello all, Thanks for the resposne. Now i've got snort working. Now i want to use webmin for snort. So i downlaod snort-1.1.wbm and integrated. When i try to browse,i'm getting Rule file cannot be found (/home/sadha/snort/$RULE_PATH/attack-responses.rules) so i edited index.cgi(of webmin) as follows,(i.e to replace RULE_PATH var with 'rules' - dir name) ($rule) =~ s/\$RULE_PATH/rules/g; It works fine. 1) Is this right? Then another pbl, in webmin page, Rulesets = Enabled = Disabled Rule Set Status Action Rule Set Status Action Rule Set Status Action rules/attack-responses Disable rules/misc Disable rules/smtp Disable rules/backdoor Disable rules/multimedia Enable rules/snmp Disable rules/bad-traffic Disable rules/mysql Disable rules/sql Disable rules/chat Enable rules/netbios Disable rules/telnet Disable rules/ddos Disable rules/nntp Disable rules/tftp Disable rules/dns Disable rules/oracle Disable rules/virus Enable rules/dos Disable rules/other-ids Disable rules/web-attacks Enable rules/experimental Disable rules/p2p Enable rules/web-cgi Disable rules/exploit Disable rules/policy Enable rules/web-client Disable rules/finger Disable rules/pop2 Disable rules/web-coldfusion Disable rules/ftp Disable rules/pop3 Disable rules/web-frontpage Disable rules/icmp Disable rules/porn Enable rules/web-iis Disable rules/icmp-info Enable rules/rpc Disable rules/web-misc Disable rules/imap Disable rules/rservices Disable rules/web-php Disable rules/info Enable rules/scan Disable rules/x11 Disable rules/local Disable rules/shellcode Enable 2) i'm able to access thro Rule Set (i.e for example clicking on rules/attack-responses will take thro to page rightly). But, Action is not possible(Hope Action column is link, for example when i click Action "Disable of rules/atatck-responses" , it gives "The page cannot be found" ---------it passes the url as "http:<pathto snort>/rule_status.cgi?rule=rules/attack-responses" Actually what is that action column from above snip. Plz help me to succeed with this. Thanks and Regards, -sadha --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.483 / Virus Database: 279 - Release Date: 5/19/2003
Current thread:
- webmin - snort (fwing again) Rahul (Aug 15)
- <Possible follow-ups>
- Fw: webmin - snort (fwing again) Rahul (Aug 17)