Re: More ACID BASE Help

[Jeremy Hoel <jthoel () gmail com>]

I'm pretty sure that comes with the rule tarball.  Did you grab the rules
file?

Also, look at pullpork vs oinkmaster.

And, if you are running this as a test, you might check out secuirtyonion,
as it does all this for you and helps get you up and running quickly..

On Thu, May 16, 2013 at 10:55 PM, Shaun Marlin <shaun.marlin () canalta com>wrote:

> Ok, so I have hit yet another wall.  /etc/snort/gen-msg.map does not
> exist on the SNORT install at all.  I have looked in over a dozen places
> thinking it could be there.  I have also looked at various places to have
> it created using the likes of OINKmaster, but I cannot get it to generate.
> I’m really sorry for being a pain.****
>
> ** **
>
> ** **
>
> *Shaun Marlin*
> Network Administrator
>
>
> *Canalta Family of Companies*
>
> 2109 - 545 Highway 10 East
> Drumheller AB Canada T0J 0Y0
> PHONE: (403) 820-3865
> CELL:     (403) 334-1313
>
> EMAIL:   shaun.marlin () canalta com
> WEB:      www.canalta.com
>
>
>
> *From:* Jeremy Hoel [mailto:jthoel () gmail com]
> *Sent:* Thursday, May 16, 2013 3:55 PM
>
> *To:* Shaun Marlin
> *Cc:* snort-users () lists sourceforge net
> *Subject:* Re: [Snort-users] More ACID BASE Help****
>
> ** **
>
> Ok.. you can see in the error that you have something listed twice.****
>
> ** **
>
> remove the -S option.  please try some things out before you keep coming
> back to the list.. the problems a lot of times are in the error message.**
> **
>
> On Thu, May 16, 2013 at 9:53 PM, Shaun Marlin <shaun.marlin () canalta com>
> wrote:****
>
> Ok, so I launch barnyard now, and I get this…****
>
>  ****
>
> root@SENTRY:/usr/src/barnyard2-master# Running in Continuous mode****
>
>  ****
>
>         --== Initializing Barnyard2 ==--****
>
> Initializing Input Plugins!****
>
> Initializing Output Plugins!****
>
> Parsing config file "/etc/snort/barnyard2.conf"****
>
> ERROR: The sid map file was included two times command line (-S)
> [/etc/snort/sid-msg.map] and in the configuration file (config sid_map)
> [/etc/snort/sid-msg.map].****
>
> It only need to be defined once.****
>
> Fatal Error, Quitting..****
>
> Barnyard2 exiting****
>
>  ****
>
> *From:* Jeremy Hoel [mailto:jthoel () gmail com]
> *Sent:* Thursday, May 16, 2013 3:40 PM****
>
>
> *To:* Shaun Marlin
> *Cc:* snort-users () lists sourceforge net****
>
> *Subject:* RE: [Snort-users] More ACID BASE Help****
>
>  ****
>
> With a make and make install and no errors?****
>
> Then yes.. Check /usr/local/bin****
>
> ** **

------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!