snort installation does not work

Home Page Forums Network Management Snort IDS snort installation does not work

This topic contains 4 replies, has 0 voices, and was last updated by  sbussi 8 years, 7 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #42138

    sbussi
    Member

    Hi

    first of all I have to thank Flavio for his great work on Zeroshell. We are running Zeroshell for 2 years in production now and had never any issues with it. Great box, great software.

    Today I tried to install snort from the on-line updates folder but with no success.
    First question to this is:
    where can I find the installation logfile of snort?

    Here is the output from the command line:

    root@in001 DA12> ./install.sh -?
    Reading configuration …
    Checking dependencies …
    Extracting packages …
    Running scripts …
    Starting updater process for the release 1.0.beta11b …
    –> Checking for installed updates:
    [BA00] DansGuardian – True Web Content Filtering for All
    [C100] Security FIX – Unauthenticated Remote Code Execution
    [C105] OpenDNS dynamic updater
    [C110] MRTG – Statistics
    –> Replacing files …
    –> Patching files …
    –> Running scripts …
    Preparing DansGuardian…
    Restarting administrative web interface …
    Stopping httpd daemon… [FAILED]
    Starting httpd daemon…
    (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
    no listening sockets available, shutting down
    Unable to open logs [FAILED]
    Starting Captive Portal …
    –> Gateway disabled
    –> Web Login Authentication Server started (12080-12081 tcp)
    Stopping Dynamic DNS client daemon… [ OK ]
    Starting Dynamic DNS client daemon… [ OK ]
    Stopping MRTG … [ OK ]
    Starting MRTG …
    Daemonizing MRTG … [ OK ]
    Stopping httpd daemon… [ OK ]
    Starting httpd daemon… [ OK ]
    Syncing filesystem… Done
    /sbin/service: line 6: /etc/rc.d/init.d/snort: No such file or directory
    /sbin/service: line 6: exec: /etc/rc.d/init.d/snort: cannot execute: No such fil
    e or directory


    Snort 2.8.5 has been installed. For information see the web site
    http://www.snort.org



    – The file /var/register/system/snort/Interfaces contains the network
    interfaces on which Snort captures the packets (default ETH00)

    – The file /etc/snort.conf contains the configuration of Snort

    – To restart Snort daemon use the command:

    service snort restart

    – To check the alerts use the Log Viewer of the web interface
    in the section [snort]

    root@in001 DA12>

    Any help or ideas?

    Best regards
    Stephan

    #49373

    ppalias
    Member

    Are you running ZS 1.0 beta11?

    #49374

    sbussi
    Member

    Yes, I am running beta11.
    Maybe that should be my problem. I will move to beta12 asap and will come here to tell you if my problem will be solved by beta12.
    Thx for this hint.

    #49375

    ppalias
    Member

    Yup snort is supposed to be a patch for beta12, so trying it with beta11 might not work.

    #49376

    lanshark
    Member

    After installing per the instructions at http://www.zeroshell.net/eng/patch-details/#DA12, I receive the following:

    /sbin/service: line 6: /etc/rc.d/init.d/snort: No such file or directory
    /sbin/service: line 6: exec: /etc/rc.d/init.d/snort: cannot execute: No such file or directory


    Snort 2.8.5 has been installed. For information see the web site
    http://www.snort.org



    – The file /var/register/system/snort/Interfaces contains the network
    interfaces on which Snort captures the packets (default ETH00)

    – The file /etc/snort.conf contains the configuration of Snort

    – To restart Snort daemon use the command:

    service snort restart

    – To check the alerts use the Log Viewer of the web interface
    in the section [snort]

    There is no [snort] section of the Log Viewer, running the “service snort start” or “service snort restart” gives me the error
    /sbin/service: line 6: /etc/rc.d/init.d/snort: No such file or directory
    /sbin/service: line 6: exec: /etc/rc.d/init.d/snort: cannot execute: No such file or directory

    I am running ZS 1.0.beta13. Where did I go wrong?

    Thanks!

    Jim

    #49377

    ppalias
    Member

    There seems to be missing the

    /sbin/service

    file. I should add here that snort is for beta12, don’t know if it has been tested on beta13.

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.