Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: spamnchips on August 13, 2005, 06:05:55 PM
-
Hi,
I have just installed SNORT and ACID according to the How To on this site and following some other links have tried to change the snort.conf file to point to my eth1 NIC. On opening the snort.conf file there is the following statement at the top of the file ...
DO NOT MODIFY THIS FILE! It is updated automatically by the SME Server software. Instead, modify the source template in an /etc/e-smith/templates-custom directory. For more information, see http://www.e-smith.org/custom/
copyright (C) 1999-2003 Mitel Networks Corporation
I have tried the web site but am not allowed to Login and I cannot find any templates at the location shown. Can anyone suggest how I make the changes please ?
Thanx
John
-
I think I have now found a refernece deeper in the forum database. I typed the command ps -ef on the command line which returned
snort 13117 1 0 16:19 ? 00:00:02 /usr/sbin/snort -D -i eth1 -u snort -g snort -c /etc/snort/snort.conf
As this refers to eth1 which is my ethernet card connected to my ADSL modem, I am assuming that SNORT is correctly configured for checking on any intrusions.
-
Can anyone suggest how I make the changes please ?
Read this page:
http://no.longer.valid/phpwiki/index.php/Customizing
If you have suggestions that would improve the howto you read, let the authour know, or write a new howto ;-)
-
Greg,
Thanks for the pointer. I had found a similar reference elsewhere which allowed me to update the years in the acid graphing templates but this is a good general customising help.
John