Snort mailing list archives

Re: Snort running on Linux 8.0

From: Demetri Mouratis <dmourati () cm math uiuc edu>
Date: Wed, 30 Jul 2003 11:46:31 -0500 (CDT)

Hi Vince,

You should be able to see what's going on by doing the following:

# tail -f /var/log/messages| grep snort

And then in a new term:
# /etc/init.d/snort restart
# /etc/init.d/snort status

My guess is something is fouled up with the snort->DB connection.  Try
commenting out the output line you showed below and repeat.

HTH.
On Wed, 30 Jul 2003, Vince McGinnis wrote:

Hi,

I am looking for some help as I am a newbie to snort running on a Linux box.
Here is the breakdown on the install of snort:

mkdir /etc/snort
mkdir /var/log/snort
tar -xvzf snort-2.0.0.tar.gz
cd snort-2.0.0
./configure - with mysql=/usr/local/mysql
make
make install

cd rules
cp * /etc/snort
cd ../etc
cp snort.conf /etc/snort
cd *.config /etc/snort

I modified the snort.conf file with the following

var HOME_NET 172.20.50.0/24
var Rule_PATH /etc/snort/

output database: log, mysql, user=root password=password dbname=snort
host=localhost

I then set Snort to start automatically

I changed the snort file in init.d to the following

CONFIG=/etc/snort/snort.conf

Chmod 755 snort

cd /etc/rc3.d
ln -s ../init.d/snort S99snort
ln -s ../init.d/snort K99snort
cd /etc/rc5.d
ln -s ../init.d/snort S99snort
ln -s ../init.d/snort K99snort

I setup up the database in MYSQL and verified that it created correctly.

Now my trouble is when I go to start Snort with snort -D -c snort.conf it
comes right back to the prompt with no error but looking at processes
running it does not start. I cannot find anywhere if there is a log on
errors when starting. I am at a lost as to why it is not starting.

Any help you can give will be appreciated and thanks in advance for taking
the time to read this.





Vincent J. McGinnis
Senior Systems Integration Specialist
Library Video Company
7 East Wynnewood Road
Wynnewood, PA 19096
P: 610-645-4000 x219
F: 610-645-4090
 <mailto:vince () libraryvideo com> vince () libraryvideo com
 <http://www.libraryvideo.com> http://www.libraryvideo.com

"Do not dwell in the past, do not dream of the future, concentrate the mind
on the present moment." -Buddha


---------------------------------------------------------------------
Demetri Mouratis
dmourati () linfactory com



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort running on Linux 8.0 Vince McGinnis (Jul 30)
- Re: Snort running on Linux 8.0 Erek Adams (Jul 30)
- Re: Snort running on Linux 8.0 Demetri Mouratis (Jul 30)
- <Possible follow-ups>
- Re: Snort running on Linux 8.0 Kevin Peuhkurinen (Jul 30)