A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #21602  by combatrock
 Sat Dec 07, 2013 5:02 am
Hi all,

I am trying to install an IDS system on a Kali Linux VM for use in a lab and have come across a problem. I have installed Snort, Barnyard2, MySQL, PulledPork and BASE and I am attempting to write the output from Snort to the DB and view it through the BASE GUI (following a guide).

However, despite having everything installed, nothing is happening. BASE runs but shows no packets; when I traced the problem back I found it might relate to Barnyard2 reading the sid-msg.map in the Snort dir. When I run the command:
Code:
# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &
All I get is errors on every line that it tried to read/process. I also tried running:
Code:
mysql -uroot -p -D snort -e "select count(*) from event"
To see if the count would increment - it did not.


So there seems to be some kind of problem with passing/reading the output from one stage to another.


Does anyone have enough knowledge of this type of setup to advise on what has gone wrong?
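Added example, not part of the original post: a small checker for the two map files the Barnyard2 command above reads (gen-msg.map and sid-msg.map). It parses each file in the layouts Snort ships (`gid || sid || msg` for gen-msg.map; `sid || msg || ref ...` for the original sid-msg.map, and the `#v2` header layout `gid || sid || rev || classification || priority || msg || ref ...` introduced with newer Snort releases), reports any line that does not fit, and resolves a (gid, sid) pair to its message the way Barnyard2 has to before it can write an event row. The sample file contents are constructed for the example; `resolve()`'s rule that gid 1 and 3 come from sid-msg.map and everything else from gen-msg.map is this example's assumption about Barnyard2's lookup, not code taken from Barnyard2.

```python
"""Check Snort gen-msg.map / sid-msg.map files for lines Barnyard2 would choke on."""
import re
import sys
from typing import Dict, List, Tuple

MsgKey = Tuple[int, int]  # (gid, sid)

# Constructed sample inputs for the example (not from the original post).
SAMPLE_GEN_MSG = """\
# gen-msg.map format: gid || sid || msg
1 || 1 || snort general alert
116 || 3 || (snort_decoder) WARNING: IP dgm len < IP Hdr len
this line has no separators at all
"""

SAMPLE_SID_MSG_V1 = """\
# sid-msg.map (original layout): sid || msg || ref ...
1000001 || LOCAL test rule
2100498 || GPL ATTACK_RESPONSE id check returned root || url,doc.emergingthreats.net/2100498
notanumber || sid field is not numeric
"""

SAMPLE_SID_MSG_V2 = """\
#v2
# gid || sid || rev || classification || priority || msg || ref ...
1 || 1000001 || 1 || policy-violation || 1 || LOCAL test rule
3 || 20000 || 2 || attempted-admin || 1 || shared-object rule example
"""

SEP = re.compile(r"\s*\|\|\s*")


def _fields(line: str) -> List[str]:
    return [f.strip() for f in SEP.split(line.strip())]


def _skip(line: str) -> bool:
    return not line.strip() or line.lstrip().startswith("#")


def parse_gen_msg(text: str) -> Tuple[Dict[MsgKey, str], List[str]]:
    """Parse gen-msg.map; return ({(gid, sid): msg}, [error strings])."""
    entries, errors = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        if _skip(line):
            continue
        f = _fields(line)
        if len(f) < 3 or not f[0].isdigit() or not f[1].isdigit():
            errors.append(f"gen-msg.map line {n}: expected 'gid || sid || msg', got {line!r}")
            continue
        entries[(int(f[0]), int(f[1]))] = f[2]
    return entries, errors


def parse_sid_msg(text: str) -> Tuple[Dict[MsgKey, str], List[str], str]:
    """Parse sid-msg.map in either layout; return (entries, errors, 'v1'|'v2')."""
    lines = text.splitlines()
    version = "v2" if lines and lines[0].strip() == "#v2" else "v1"
    entries, errors = {}, []
    for n, line in enumerate(lines, 1):
        if _skip(line):
            continue
        f = _fields(line)
        if version == "v2":
            # gid || sid || rev || classification || priority || msg [|| ref ...]
            if len(f) < 6 or not all(x.isdigit() for x in (f[0], f[1], f[2], f[4])):
                errors.append(f"sid-msg.map line {n}: malformed v2 entry {line!r}")
                continue
            entries[(int(f[0]), int(f[1]))] = f[5]
        else:
            # sid || msg [|| ref ...]; v1 entries are text rules, i.e. gid 1
            if len(f) < 2 or not f[0].isdigit():
                errors.append(f"sid-msg.map line {n}: malformed v1 entry {line!r}")
                continue
            entries[(1, int(f[0]))] = f[1]
    return entries, errors, version


def resolve(gid: int, sid: int, gen: Dict[MsgKey, str], sidmap: Dict[MsgKey, str]) -> str:
    """Map an event's (gid, sid) to its message text.

    Assumption for this example: rule alerts (gid 1 text rules, gid 3
    shared-object rules) come from sid-msg.map, preprocessor/decoder
    generators from gen-msg.map. Unknown pairs return 'UNKNOWN'.
    """
    if gid in (1, 3):
        return sidmap.get((gid, sid), "UNKNOWN")
    return gen.get((gid, sid), "UNKNOWN")


def check_files(gen_path: str, sid_path: str) -> int:
    """Read real files, print problems, return number of malformed lines."""
    with open(gen_path, encoding="utf-8", errors="replace") as fh:
        _, gen_err = parse_gen_msg(fh.read())
    with open(sid_path, encoding="utf-8", errors="replace") as fh:
        _, sid_err, version = parse_sid_msg(fh.read())
    print(f"{sid_path}: detected layout {version}")
    for e in gen_err + sid_err:
        print(e)
    return len(gen_err) + len(sid_err)


if __name__ == "__main__":
    if len(sys.argv) == 3:
        sys.exit(1 if check_files(sys.argv[1], sys.argv[2]) else 0)
    # No paths given: run against the constructed samples.
    gen, gen_err = parse_gen_msg(SAMPLE_GEN_MSG)
    sid1, sid1_err, _ = parse_sid_msg(SAMPLE_SID_MSG_V1)
    for e in gen_err + sid1_err:
        print(e)
    print(resolve(1, 1000001, gen, sid1), "|", resolve(116, 3, gen, sid1))
```

Run it as `python3 checkmaps.py /etc/snort/gen-msg.map /etc/snort/sid-msg.map` to get a per-line report; with no arguments it exercises the embedded samples. Whether a given Barnyard2 build accepts the `#v2` layout depends on its version, so the detected layout the script prints is worth comparing against what the Barnyard2 release notes say it supports.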