Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: grunt on May 08, 2007, 03:05:08 AM

Title: Snort Base Problem
Post by: grunt on May 08, 2007, 03:05:08 AM

Has any one got the Snort contrib actually reporting anything yet? Saw several past post on the subject, and have tried all the fixes. No luck.

Any clues would be appreciated.

Thanks much!

Ed

Title: Snort Base Problem
Post by: jahlewis on June 27, 2007, 12:29:25 AM

I've just installed the following rpm's on my recently upgraded to 7.2 server:
smeserver-base-1.2.2-1.noarch.rpm  smeserver-guardiand-1.7-4.noarch.rpm  smeserver-oinkmaster-1.2-2.noarch.rpm  smeserver-snort-2.6.0-2.i386.rpm

Here were the default permissions:
drwxr-xr-x  2 snort   snort      4096 Mar 22  2006 snort
drwxr-xr-x  2 root    root       4096 Jul 18  2006 snortd

I changed it to thus:
drwxr-xr-x  2 snort   snort      4096 Mar 22  2006 snort
drwxr-xr-x  2 root    root       4096 Jul 18  2006 snortd

service snortd restart shows no errors, but neither of the above directories add any logs, even when I portscan with shields up...

In base, it shows no sensors. in mysql, both snort db's are empty...

ideas?