tag:blogger.com,1999:blog-7554630712114756330.post7750828703430185975..comments2014-08-26T13:29:06.855-04:00Comments on Security Onion: Installing Snort 3.0 (SnortSP) Beta 3 on Ubuntu 8.04 in 3 StepsDoug Burkshttp://www.blogger.com/profile/09074300658047188367noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-7554630712114756330.post-80048845504602162392010-03-01T18:58:33.289-05:002010-03-01T18:58:33.289-05:00Hello again Dolphin,
I'm not sure why "m...Hello again Dolphin,<br /><br />I'm not sure why "mkdir -p /etc/snortsp" would work when "mkdir /etc/snortsp" wouldn't. You should've already had a /etc directory so the "-p" option should not have been necessary.<br /><br />The problem with your ./configure command is that you missed the spaces before the backslashes. <br /><br />Is there some reason in particular you're choosing to compile the unsupported beta version of SnortSP (Snort 3.0) instead of the supported version of Snort 2.8 (currently 2.8.5.3)?<br /><br />Regards,<br />Doug BurksDoug Burkshttps://www.blogger.com/profile/13264220999894786719noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-63684581666949972902010-03-01T12:24:12.051-05:002010-03-01T12:24:12.051-05:00thanks for the concern!
i tried today and managed...thanks for the concern!<br /><br />i tried today and managed to get till the penultimate step but it replies that no such file or directory exists. also, mkdir /etc/snortsp didn't work directly and I had to use -p option to create the directory.<br /><br />root@dolphin-laptop:/usr/local/src/snortsp-3.0.0b3/src/analysis/snort# ./configure\<br />> --with-platform-includes=/usr/local/include\<br />> --with-platform-libraries=/usr/local/lib<br />-bash: ./configure--with-platform-includes=/usr/local/include--with-platform-libraries=/usr/local/lib: No such file or directoryauthor_number_2https://www.blogger.com/profile/06885037429065858139noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-61303334302333828232010-03-01T06:17:49.572-05:002010-03-01T06:17:49.572-05:00Hello again Dolphin,
The "Forbidden" er...Hello again Dolphin,<br /><br />The "Forbidden" error is not coming from your local system; it is an HTTP 403 Forbidden error coming from snort.org. The most likely cause is that you exceeded the download limit for snort.org. If you put the address in a browser, you would probably see the full HTTP 403 Forbidden error like the following:<br /><br /><i>403 Forbidden<br />You may download this file again in 15 minutes.</i><br /><br />Please try your download again today and see if you're successful.<br /><br />Thanks,<br />Doug BurksDoug Burkshttps://www.blogger.com/profile/13264220999894786719noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-72121315276659181682010-02-28T17:14:31.160-05:002010-02-28T17:14:31.160-05:00I've tried doing that but didn't work for ...I've tried doing that but didn't work for me. instead i tried continuing in the downloads folder itself! <br /><br />looks like i messed it up entirely. i couldn't run from 'mkdir /etc/snortsp/' step.<br /><br />do i need to roll back? <br /><br />thanks,<br />dolphinauthor_number_2https://www.blogger.com/profile/06885037429065858139noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-92031663109562103142010-02-28T16:57:14.833-05:002010-02-28T16:57:14.833-05:00thank you for the reply doug!
when i run the wget...thank you for the reply doug!<br /><br />when i run the wget command,this is the reply<br /><br />root@dolphin-laptop:/usr/local/src# wget http://dl.snort.org/snortsp/\<br />> snortsp-3.0.0b3.tar.gz<br />--2010-02-28 15:54:36-- http://dl.snort.org/snortsp/snortsp-3.0.0b3.tar.gz<br />Resolving dl.snort.org... 68.177.102.34<br />Connecting to dl.snort.org|68.177.102.34|:80... connected.<br />HTTP request sent, awaiting response... 403 Forbidden<br />2010-02-28 15:54:36 ERROR 403: Forbidden.<br /><br />I'm not sure why the forbidden error arises, I'm executing the commands in root mode!author_number_2https://www.blogger.com/profile/06885037429065858139noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-80870970539618761942010-02-28T16:06:36.543-05:002010-02-28T16:06:36.543-05:00Hi Dolphin,
It looks like the download link for S...Hi Dolphin,<br /><br />It looks like the download link for Snort 3.0 Beta 3 changed. Here's the new link:<br />http://dl.snort.org/snortsp/snortsp-3.0.0b3.tar.gz<br /><br />I've updated the procedure to reflect the new link.<br /><br />Thanks,<br />Doug BurksDoug Burkshttps://www.blogger.com/profile/13264220999894786719noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-9645915655390200222010-02-28T03:53:15.582-05:002010-02-28T03:53:15.582-05:00thank you for the detailed procedure. steps 1 and ...thank you for the detailed procedure. steps 1 and 2 worked for me but step 3 doesn't work for me. im running ubuntu karmic koala 9.1<br /><br />ive tried snort 3 (b2)and snort 3 beta (b3) but both didn't work. can you help me?author_number_2https://www.blogger.com/profile/06885037429065858139noreply@blogger.comtag:blogger.com,1999:blog-7554630712114756330.post-35036274298328860292009-05-30T12:35:50.612-04:002009-05-30T12:35:50.612-04:00Thank you for posting the /bin/sh --> /bin/dash...Thank you for posting the /bin/sh --> /bin/dash symlink fix. I thought I was going crazy just trying to make simple rules to work. Much appreciated!-Andynoreply@blogger.com