Ubuntu 14.04 - Autosnort installation failed #34
Comments
|
Script has an error. Submitted pull request to fix. You can also get fixed script from https://github.com/Danconnolly/Autosnort |
|
Dan, |
|
I uploaded that before I tested it properly. There were a couple more of the same errors. I'm updating now and testing it out. I'll upload another update once ive got it working on my system. Not sure if that would fix your downloading of new rules though. Date: Sat, 15 Nov 2014 09:03:11 -0800 Dan, Another issue I encountered was that autosnort could not download the rules. I used the correct Oink code. Any ideas? — |
|
I've made some more updates for the same error. Still not working for me though. From: [email protected] I uploaded that before I tested it properly. There were a couple more of the same errors. I'm updating now and testing it out. I'll upload another update once ive got it working on my system. Not sure if that would fix your downloading of new rules though. Date: Sat, 15 Nov 2014 09:03:11 -0800 Dan, Another issue I encountered was that autosnort could not download the rules. I used the correct Oink code. Any ideas? — |
|
Adding double quotes around the first few statements that referenced $execdir fixed this problem for me. |
|
@Yaminick can you be more specific about what you mean regarding the "first few statements"? Double quotes around what specifically? I'm not being passive aggressive. |
|
Adding the Double Quotes around the $execdir worked for me. |
|
I was able to get around it without utilizing Dan's fork (thanks for putting that up by the way! I'm getting a 404 when I hit the link): vi autosnort-debian-xx-xx-xx.sh Prior to this I had to comment out the packages.dotdeb.org block...but i'm doing this in raspbian with the debian autosnort install script. |
I think it failed at the ##ui_inst## step.
"
ui_inst
This option sets whether or not Autosnort will install and configure a local Apache and mysql-server in order to install a web-based intrusion event review interface.
If you want to install a web-based IDS event console (e.g. snorby) this option MUST be set to 1.
Options
#1: Setting ui_inst to 1 enables apache and mysql server to be enabled on startup. This is required for web-based IDS event review consoles. It also generates a private key and self-signed cert for SSL operation.
#2: Setting ui_inst to 2 means apache and mysql will not be configured to run on startup, you will not have an private key and self-signed cert generated.
default setting: 1 (Installs mysql and apache in order to install a fully functional stand-alone sensor)
ui_inst=1
"
This is the log information:
�[01;34m[]�[0m Checking for config file..
./autosnort-ubuntu-11-02-2014.sh: line 140: [: too many arguments
�[01;32m[]�[0m Found config file.
./autosnort-ubuntu-11-02-2014.sh: line 147: /tmp/Autosnort: No such file or directory
�[01;34m[]�[0m OS Version Check..
�[01;32m[]�[0m OS is Ubuntu. Good to go.
�[01;34m[]�[0m Checking for root privs..
�[01;32m[]�[0m We are root.
�[01;34m[]�[0m Checking to ensure sshd is running..
ssh: unrecognized service
�[01;33m[]�[0m
�[01;34m[]�[0m Wget check..
�[01;32m[]�[0m Found wget.
�[01;34m[]�[0m Performing apt-get update and upgrade (May take a while if this is a fresh install)..
�[01;32m[]�[0m System updates successfully completed.
�[01;34m[]�[0m Installing base packages: ethtool build-essential libpcap0.8-dev libpcre3-dev bison flex autoconf libtool libmysqlclient-dev libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libarchive-tar-perl libcrypt-ssleay-perl libwww-perl..
�[01;32m[]�[0m Package installation successfully completed.
�[01;33m[*]�[0m Invalid choice, Check your full_autosnort.conf file and try again.
/extras.ubuntu.com trusty Release.gpg
The text was updated successfully, but these errors were encountered: