Snort mailing list archives
Re: More ACID BASE Help
From: Jeremy Hoel <jthoel () gmail com>
Date: Thu, 16 May 2013 13:30:10 -0600
Well, if locatedb is installed I like this 'updatedb' and 'locate barnyard2 | grep bin' and that would be a good starting place. But you could also go back to the /usr/src/barnyard2* directory and run 'sudo make install' or 'make install' as root and look at the output.

On Thu, May 16, 2013 at 1:27 PM, Shaun Marlin <shaun.marlin () canalta com> wrote:
What would be the best command to run to find out where it was put? I didn’t see anything while doing the install about where it would put the barnyard2 bin file.

From: Jeremy Hoel [mailto:jthoel () gmail com]
Sent: Thursday, May 16, 2013 1:19 PM
To: Shaun Marlin
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] More ACID BASE Help

It won't be in a directory.. it should just be a bin by itself.

When you build from source, if you do 'make install' as root or as sudo, it should put the binary somewhere, normally /usr/local/bin

On Thu, May 16, 2013 at 1:17 PM, Shaun Marlin <shaun.marlin () canalta com> wrote:

No there is no barnyard2 binary in /usr/local/bin

I to find the file, but was not able to find a barnyard2 directory.

From: Jeremy Hoel [mailto:jthoel () gmail com]
Sent: Wednesday, May 15, 2013 10:05 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] More ACID BASE Help

Is there a barnyard2 binary in /usr/local/bin?

When you did make install in the /usr/src/barnyard2 directory were there any errors?

Have you tried an 'updatedb' and 'locate barnyard2 | grep bin'

Also - please keep replies to the list so that others may learn or help.

Thanks!

On Thu, May 16, 2013 at 3:35 AM, Shaun Marlin <shaun.marlin () canalta com> wrote:

Now that I have that in place, I have tried to run snort and barnyard using

Now start snort and barnyard with these commands:

# /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0 &
# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &

But when I run the second command I get

root@######:/usr/src# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log /etc/snort/sid-msg.map -C /etc/snort/classification.config &
[2] 350
root@######:/usr/src# -bash: /usr/local/bin/barnyard2: No such file or directory

------------------------------
From: Jeremy Hoel [jthoel () gmail com]
Sent: Wednesday, May 15, 2013 8:42 PM
To: Shaun Marlin
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] More ACID BASE Help

Look in the barnyard2-* folder in /usr/src; there should be a folder called etc and in there is the default barnyard2.conf

You could run 'mv etc/barnyard2.conf /etc/snort'

On Thu, May 16, 2013 at 2:21 AM, Shaun Marlin <shaun.marlin () canalta com> wrote:

Hi there again,

So I was directed to use this document http://s3.amazonaws.com/snort-org/www/assets/167/deb_snort_howto.pdf, which to its credit has worked well so far. Right now I am stumped on this section.

4. Install & configure Barnyard2

# cd /usr/src && wget https://github.com/firnsy/barnyard2/archive/master.tar.gz
# tar -zxf master.tar.gz && cd barnyard2-*
# autoreconf -fvi -I ./m4 && ./configure --with-mysql && make && make install
# mv /usr/local/etc/barnyard2.conf /etc/snort
# cp schemas/create_mysql /usr/src

When I run the command

mv /usr/local/etc/barnyard2.conf /etc/snort

I get the following error

root@#####:/usr/src/barnyard2-master# mv /usr/local/etc/barnyard2.conf /etc/snort
mv: cannot stat `/usr/local/etc/barnyard2.conf': No such file or directory

I looked in that folder and there was no barnyard2.conf file at all.

Other than that it is going fine

Can someone tell me why I can't find barnyard2.conf, or better yet where it is located when installed on Debian 7?

Thanks
-Shaun

Shaun Marlin
Network Administrator
Canalta Family of Companies
2109 - 545 Highway 10 East
Drumheller AB Canada T0J 0Y0
PHONE: (403) 820-3865 CELL: (403) 334-1313
EMAIL: shaun.marlin () canalta com WEB: www.canalta.com

------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!
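The checks suggested in this thread, gathered into one script as an added example (not code from the thread, the howto or the barnyard2 project). It tells apart "installed", "built but never installed" and "not built". The function names and the optional root-prefix argument are hypothetical, and the `src/barnyard2` location of the freshly built binary inside the source tree is an assumption.

```shell
#!/bin/sh
# Added example: where did a source build of barnyard2 end up?
# Each function takes an optional root prefix (empty = the real filesystem).

# Print the installed binary, checking the usual 'make install' targets.
find_by2_bin() {
    r="${1:-}"
    for d in /usr/local/bin /usr/local/sbin /usr/bin /usr/sbin; do
        if [ -f "$r$d/barnyard2" ] && [ -x "$r$d/barnyard2" ]; then
            printf '%s\n' "$r$d/barnyard2"; return 0
        fi
    done
    return 1
}

# Print a binary left in the source tree by 'make' (path is an assumption).
find_by2_built() {
    r="${1:-}"
    for f in "$r"/usr/src/barnyard2*/src/barnyard2; do
        if [ -f "$f" ] && [ -x "$f" ]; then printf '%s\n' "$f"; return 0; fi
    done
    return 1
}

# Print the first barnyard2.conf found: live config, install prefix, source tree.
find_by2_conf() {
    r="${1:-}"
    for f in "$r"/etc/snort/barnyard2.conf "$r"/usr/local/etc/barnyard2.conf \
             "$r"/usr/src/barnyard2*/etc/barnyard2.conf; do
        if [ -f "$f" ]; then printf '%s\n' "$f"; return 0; fi
    done
    return 1
}

# Summarise. Returns 0 = installed, 1 = built but not installed, 2 = not built.
by2_status() {
    r="${1:-}"; rc=0
    if p=$(find_by2_bin "$r"); then
        echo "binary: installed at $p"
    elif p=$(find_by2_built "$r"); then
        echo "binary: built at $p but not installed; run 'make install' as root"; rc=1
    else
        echo "binary: not found; re-run configure and make and read the errors"; rc=2
    fi
    if c=$(find_by2_conf "$r"); then echo "config: $c"; else echo "config: not found"; fi
    return $rc
}

by2_status "${BY2_ROOT:-}" || :
```

Because the howto chains its build steps with `&&`, a failure in any earlier step means `make install` never runs, which is the "not found" case reported here.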