Re: [Snort-users] snort idmef plugin
This is a discussion on Re: [Snort-users] snort idmef plugin within the Snort forums, part of the System Security and Security Related category; Matt, I used the following steps to install idmef and snort2.0.4: 1. install libxml2 2.6.2 2. ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-27-2003
|
|||
|
|||
Re: [Snort-users] snort idmef plugin
Matt,
I used the following steps to install idmef and snort2.0.4: 1. install libxml2 2.6.2 2. install libidmef 0.7.2 3. tar -zxvf snort-idmef-plugin-1.2.1alpha2.0.5.tar.gz 4. tar -zxvf snort-2.0.4 5. cd snort-2.0.4 6. apply the following patches. + configure.in.diff - apply to top level configure.in file in snort. + src_plugbase.c.diff - apply to snort's ../src/plugbase.c file. + src_plugin_enum.h.diff - apply to snort's ../src/plugin_enum.h file. + src_output-plugins_Makefile.am.diff - apply to snort's ../src/output-plugins/Makefile.am 7. Copy spo_idmef.c and spo_idmef.h from snort-idmef directory to snort's ./src/output-plugins directory. 8. mkdir /etc/snort 9. mkdir /var/log/snort 10. Run autoconf at snort's root directory 11. At snort's root directory run ./configure --enable-idmef --with-mysql=/usr/local/mysql --with-libxml2-includes=/usr/local/include/libxml2 --with-libxml2-libraries=/usr/local/lib --with-libidmef-includes=/usr/local/include --with-libidmef-libraries=/usr/local/lib 12. make 13. make install 14. cd rules 15. cp * /etc/snort 16. add "idmef:default" for each rule in each rule files 17. cd ../etc 18. cp snort.conf /etc/snort 19. cp *.config /etc/snort 20. modify snort.conf to make RULE_PATH to /etc/snort 21. snort -? error msg: snort: error while loading shared libraries: libidmef.so.0: cannot open shared object file: No such file or directory Do you think I still need set up load lib to /usr/local/lib in /etc/ld.so.conf? Thanks, Yuedong --- Matt Kettler <mkettler@evi-inc.com> wrote: > At 04:04 PM 11/25/2003, yuedong wu wrote: > >I have tried your latest version. The installation > >process looks fine. However when I ran the snort, > it > >reports error information: error load > libidmef.so.0, > >cannot find file or directory. But the file > >libidmef.so.0 is in /usr/local/lib dir, which is > the > >default lib dir. > > > >Can you help me out? Thanks, > > is your /etc/ld.so.conf set up to load libraries in > /usr/local/lib? > > Most systems will not honor /usr/local/lib by > default. > __________________________________ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/ ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
