[Snort-users] Help newb understand how Snort is supposed to run.
Hello,
I left a post in the forum but so far no one has answered and I prefer mailing lists anyway so here I am.

I've successfully 'make install'ed Snort but about whether or not it's actually installed. I can run it from the command line with something simple like 'snort -v' but the reason I'm confused is because the only files I can find that 'make install' put on my system are /usr/local/bin/snort and /usr/local/man/man8/snort.8. Is this correct? I thought maybe there should be /etc/snort.conf or /etc/snort/* or something like that. I see that the directory I unpacked the Snort .tar.gz in has an ./etc directory. Should I copy all those files into /etc? Not seeing anything in /etc about Snort I put the rules I downloaded in there at /etc/snort/.

I imagine it should be run as a daemon but I've never set something like that up (except for software that comes as an RPM of course, but that doesn't really count). I don't plan to run it with ACID or MySQL. I have a fair amount of HD space and if I put it into binary mode I think I should be fine with a week's worth of data (as long as it does cylindrical logging or if I can rotate the log). What should I do at this point?

Thanks,
Chris.

p.s. I have version 2.4.0 installed with 2.4.0 community contributed rules downloaded.