Just a quick note that there is a bug in the setup script in the current version of Security Onion. If you double-click the Setup desktop shortcut (or run "setup" from a non-root user account) AND try to update rules, one of the commands will fail and the snort.rules file will be empty. All other functions in the setup script work fine so if you're not using it to update rules, you will never experience this issue.
The next release of Security Onion will have the Setup desktop shortcut configured to run the script using sudo. In the meantime, you can open a terminal and execute "sudo setup" to obtain the necessary privileges and run the script without errors.
For more information, please see the following email thread in the Security Onion mailing list:
No comments:
Post a Comment