Topic: Update: Acid / Snort / Guardian Active IDS

[Ari]

Just a quick note:

There's a newer version of the ari-mitel-acid rpm and an update to the trevor-mitel-guardian rpm that work with the SME 5.6 server.

http://marari.net/downloads/snort/acid-howto.htm

Comments, as always, are appreciated.

Ari

[steve]

cool ari, thanks

[Graeme Fleming]

Hi all

Just installed this update on my 5.5 box as a prelude to upgrading to 5.6 and encountered a small prob.

When the upgrade process completes I am left without a /opt/administration/acid folder (and consequently any related files); when the browser tries to access the acid config page it reports the missing folder.

Just run the install a second time and its of and racing

HTH

[Cyrus Bharda]

Hello, I followed Ari's snort+ACID howto here:
 
http://marari.net/downloads/snort/acid-howto.htm
 
to the letter, I even cut and pasted all the commands in so I didnt make and spelling mistakes, the ACID page works fine, but it display's 0 detects, so I typed this:
 
[root@esmith root]# service snortd status
snort-mysql is stopped

so I tryed starting it:
 
[root@esmith root]# service snortd start
Starting snort: Initializing Output Plugins!
                                                           [ FAILED ]
 
Even restarting didnt work:
 
[root@esmith root]# service snortd restart
Stopping snort:                                            [ FAILED ]
Starting snort: Initializing Output Plugins!
                                                           [ FAILED ]

What have I done wrong?
 
My system is 5.5 U3 and I did install the 5.5 specifice files as well as the guardian module, and in the order specified in your howto, still it does not work, tryed rebooting even, nothing!!
 
Any help would be greatly appreciated!!
 
Thanks for your time!
 
Cyrus Bharda