[PLUG] on to snort TROUBLESHOOTING

Ron Kaye Jr on 2 Sep 2009 07:36:37 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] on to snort TROUBLESHOOTING

From: Ron Kaye Jr <rekaye1005@verizon.net>

To: firnsy@securixlive.com

Subject: [PLUG] on to snort TROUBLESHOOTING

Date: Wed, 02 Sep 2009 09:36:01 -0500 (CDT)

Cc: Yogesh.Mulay@cognizant.com, snort-users@lists.sourceforge.net, plug@lists.phillylinux.org

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

using ...
http://www.snort.org/assets/113/Snort_2.8.4.1_Ubuntu.pdf

RE BASE ENGINE INSTALL
canvas and graph with dependencies got it cookin
will add your suggestions

have a clean "base" screen
doesnt appear to be receiving data..

suggestions for the intro troubleshooting path forward?
i am seeing activity being logged into /var/log/snort.

i will try the TEST SNORT section today.
this says edit local.rules with your alert line

i am also reading add to snort.conf

we will NEVER give up

Ron Kaye Jr
914-7294734

Sep 1, 2009 05:34:16 PM, firnsy@securixlive.com wrote:
Ron Kaye Jr wrote:
> first a note of thanks for hanging in there with me.
> it has mostly gone well, but hurdles keep appearing.

No problem.

>
> 1) what is smime.p7s and how should i use it?
>

I don't know, can't say it's ever reared its ugly head on me.

> 2) graphing is not working. I have downloaded Image_Graph. Where shall
> I "untar" it to, and configure/make/make install.

You need to install this via the command line using Pear. Using similar to:

pear install Image_Color-1.0.3.tgz
pear install Image_Canvas-0.3.1.tgz
pear install Numbers_Words-0.16.1.tgz
pear install Image_Graph-0.7.2.tgz

It's also nice to update the channel first with

pear channel-update "pear.php.net"

>
> *Error loading the Graphing library: *
>
> Check your Pear::Image_Graph installation!
>
> * Image_Graph can be found here:at http://pear.veggerby.dk/. Without
> this library no graphing operations can be performed.
> * Make sure PEAR libraries can be found by php at all:
>
> pear config-show | grep "PEAR directory"
> PEAR directory php_dir /usr/share/pear
>
> This path must be part of the include path of php (cf. /etc/php.ini):
>
> php -i | grep "include_path"
> include_path => .:/usr/share/pear:/usr/share/php => .:/usr/share/pear:/usr/share/php
>
> I have multiple instances of php.ini in php5 and /snort/php5 directories.
> Which gets editted?
>
> Ron Kaye Jr
> 914-7294734
>

What OS are you using? Debian/Fedora??

What guide are you using to install with?

--
firnsy
www.securixlive.com

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Prev by Date: Re: [PLUG] ethics of APs

Next by Date: Re: [PLUG] ethics of APs

Previous by thread: Re: [PLUG] OT: Free Usenet Service

Next by thread: [PLUG] server monitoring- set up threshold alerts

Index(es):

Date

Thread