Where are the blacklist rules for Snort 3 located in snort3-community-rules or snortrules-snapshot-31440 folder in Snort folder? - windows-10

I am installing and configuring Snort 3 on Windows 10. I have installed snort3-3.1.43.0, snort3-community-rules, and snortrules-snapshot-31440 and extracted the files. I am configuring rules in snort.conf in the etc folder with the file path c:/Snort/etc/snort.conf. On lines 511-512, I am trying to configure
511 whitelist $WHITE_LIST_PATH/white_list.rules,
512 blacklist $BLACK_LIST_PATH/black_list.rules
Then I go to the rules folder under Snort and cannot even find the blacklist.rules file.
The reference video I was watching at 11:04 was using Snort 2.9 rules, which I am guessing are laid out differently, but I still have no idea where blacklist.rules is or if I need to make it myself. Let me know if anyone has any recommendations on solving this issue because I haven't found many solutions for it.
https://www.youtube.com/watch?v=4SMKYgXFxuc
I tried looking at the rules again and looking at community rules, but to no avail. Some people said redownload the rules and I have seen no change in the snort rules displaying blacklist.rules to copy.
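If the list has to be created by hand, the entries are worth checking before Snort loads them. The script below is an added example, not part of the question or of the Snort distribution; it assumes the plain-text reputation-list format used by the Snort reputation preprocessor the video's snort.conf refers to (one IP address or CIDR block per line, comments starting with #). The sample file contents are constructed for the example; the catch-all check and the redundancy check go beyond what the question asks, since both are common mistakes in hand-written lists.

```python
"""Validate a Snort-style IP reputation list: one IP or CIDR per line, '#' comments."""
import ipaddress
from typing import List, Tuple

# Constructed sample contents of a black_list.rules file (not from the question).
SAMPLE_BLACK_LIST = """\
# black_list.rules -- one IP or CIDR per line, comments start with '#'
203.0.113.0/24
198.51.100.17
2001:db8::/32
203.0.113.5        # already covered by the /24 above
not-an-address
0.0.0.0/0
"""


def parse_reputation_list(text: str):
    """Return (networks, problems).

    networks: validated ipaddress network objects, in file order.
    problems: (line_number, raw_line, reason) for lines that must be fixed
              before the list is safe to load.
    """
    networks = []
    problems: List[Tuple[int, str, str]] = []
    for number, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # drop trailing comments and whitespace
        if not entry:
            continue
        try:
            # strict=False accepts host bits set, so 203.0.113.5 becomes 203.0.113.5/32
            network = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            problems.append((number, raw, "not a valid IP address or CIDR block"))
            continue
        if network.prefixlen == 0:
            # 0.0.0.0/0 or ::/0 would put every address on the list
            problems.append((number, raw, "catch-all block matches all traffic"))
            continue
        networks.append(network)
    return networks, problems


def find_redundant(networks):
    """Return (entry, container) pairs where entry is already covered by container."""
    redundant = []
    for i, entry in enumerate(networks):
        for j, container in enumerate(networks):
            if i == j or entry.version != container.version:
                continue
            duplicate = entry == container and j < i
            narrower = entry != container and entry.subnet_of(container)
            if duplicate or narrower:
                redundant.append((entry, container))
                break
    return redundant


def report(text: str) -> str:
    """Human-readable summary of what would need fixing in the list."""
    networks, problems = parse_reputation_list(text)
    lines = [f"{len(networks)} valid entries"]
    for number, raw, reason in problems:
        lines.append(f"line {number}: {reason}: {raw.strip()}")
    for entry, container in find_redundant(networks):
        lines.append(f"redundant: {entry} is already covered by {container}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_BLACK_LIST))
```

Run it against the real file with python3 validate_list.py after swapping SAMPLE_BLACK_LIST for the file's contents; a list that passes with no problems and no redundant entries is the one to point the configuration at.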

Related

Can't find the /var/www/test/ directory (Mac OSX)

I'm learning python and now I arrived at 'The web' where I'm told about Apache. They ask me to create a simple file (see below) and save it as /var/www/test/home.wsgi but I can't find a directory like this and don't understand what I have to do here.
I looked for the directory but can't find it, then I started searching on google but can't find the solution.
import bottle
application = bottle.default_app()
@bottle.route('/')
def home():
    return "apache and wsgi, sitting in a tree"
Anyone got any idea of what to do here?
/var/www/ is typically the root folder used by Apache for its hosted files. If it doesn't exist on your system, chances are you do not have Apache installed or have it configured to use a different folder.
On my Macbook I was able to track down this folder by checking the DocumentRoot setting in /etc/apache2/httpd.conf.
Not sure what you are trying to do in the grand scheme of things but chances are you will have to configure Apache properly before being able to visit files in your root folder through http://localhost/.

Elastic search installation questions on RHEL

I am working to install Elasticsearch on a Linux box. As I understand, there are a couple of options like tar and RPM. I am not sure of the difference between those two. I find tar very easy to download and unzip... Please help explain when you choose tar vs RPM or other options.
Also - I have multiple JRE versions on my servers. Is there a way to specify JRE path to Elastic configuration? At this point I exported JAVA_HOME and started Elastic Search?
tar is a compressed file containing the required binary / config / other files for your application.
RPM is a package manager which allows easier installation of the files which are contained in a tar or multiple tar files.
Using a package manager is usually preferable as it can install dependencies and allow cleaner removal or updating of applications.
After installation, I was also facing "bootstrap checks failed" every time I tried to put network.host to M/C IP.
Below changes solved the problem -
network.host: 0.0.0.0
http.port: 9200
transport.host: localhost
transport.tcp.port: 9300
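Binding network.host to 0.0.0.0 makes the bootstrap error go away, but it also publishes the REST API on every interface, and on Elasticsearch releases where xpack.security.enabled is not on by default that means unauthenticated read and write access to the indices from anywhere on the network. The checker below is an added example, not from the answer or from Elastic; it parses the flat key: value lines of an elasticsearch.yml fragment (constructed here to mirror the answer's settings) and reports the exposure. The loopback values and the default of binding to _local_ when network.host is unset are taken from the Elasticsearch network settings documentation; the note about transport.host reflects my understanding that production-mode bootstrap checks are only enforced when the transport layer binds to a non-loopback address.

```python
"""Audit network exposure in an elasticsearch.yml fragment."""
from typing import Dict, List, Tuple

# Constructed fragment mirroring the answer's settings (not taken from a real deployment).
SAMPLE_YML = """\
network.host: 0.0.0.0
http.port: 9200
transport.host: localhost
transport.tcp.port: 9300
"""

# Values of network.host / transport.host that stay on the loopback interface.
LOOPBACK = {"localhost", "127.0.0.1", "::1", "_local_"}


def parse_flat_yaml(text: str) -> Dict[str, str]:
    """Parse the flat `key: value` lines elasticsearch.yml uses (no nesting or lists)."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        key, _, value = line.partition(":")
        settings[key.strip()] = value.strip().strip("\"'")
    return settings


def audit_exposure(settings: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (severity, message) findings about who can reach the node."""
    findings: List[Tuple[str, str]] = []
    host = settings.get("network.host", "_local_")  # Elasticsearch binds to loopback when unset
    http_port = settings.get("http.port", "9200")
    transport_host = settings.get("transport.host", host)
    security_on = settings.get("xpack.security.enabled", "").lower() == "true"

    exposed = host not in LOOPBACK  # 0.0.0.0, ::, _site_, _global_ or a specific interface IP
    if exposed and not security_on:
        findings.append((
            "high",
            f"network.host={host} publishes the REST API on port {http_port} while "
            "xpack.security.enabled is not true: no authentication in front of the indices",
        ))
    elif exposed:
        findings.append(("info", f"REST API reachable on port {http_port}; authentication is enabled"))
    if exposed and transport_host in LOOPBACK:
        findings.append((
            "info",
            "transport.host stays on loopback, so the node keeps running in single-node "
            "development mode and cannot join a cluster",
        ))
    return findings


if __name__ == "__main__":
    for severity, message in audit_exposure(parse_flat_yaml(SAMPLE_YML)):
        print(f"{severity}: {message}")
```

The high finding disappears once xpack.security.enabled: true is present in the same file; a node that binds to a specific interface address rather than 0.0.0.0 is still reported as exposed, which is the intended behaviour.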

debian packaging and package.rules files

I am working on changing machines from the RHEL world over to the debian/ubuntu world, and I am struggling a bit with a packaging problem. I am trying to build a package for Ubuntu 16.4.
I've got a very old pre-compiled application that can only listen through xinetd. I am creating a binary-only package similar to what this person was doing: I need my Debian rules file to simply copy files to its target. I simply need to copy pre-compiled files into directories.
I have no problem getting files in /opt and in /var/log, however I have been trying to get the dpkg to copy the needed setup file into /etc/xinetd.d/
So I have a debian/package.install file something like this:
opt/oldapplication-3.10/* opt/oldapplication-3.10/
var/log/* var/log/
etc/xinetd.d/oldapplication /etc/xinetd.d
The xinetd setup file never makes it to xinetd.d, and trying to look at the dpkg install with debug doesn't give me any hints. The file is definitely in the tarball, it just simply never gets moved.
Looking through the different dh helper applications, I can't see anything that fits, and google does nothing to illuminate the problem.
Do I have to simply move the file over in a postinst script? Is that the only way to solve this, or is there a more "debian" way to do this by creating a file in the dpkg's debian directory? Is there a more generic setup I should be doing to put files into /etc?
Thanks.

Cannot run scripts using VirtualBox with Ubuntu installed

I'm doing a tutorial through lynda.com on setting up Linux using VirtualBox.
It was going fine until I had to create a file in my development folder. It's been set up as a shared folder so I can write html files straight on to the virtual server (I think).
I'm writing small scripts into the shared folder and I'm getting a 404 error for each. For something like http://sandbox.dev:8080/errors.php or http://sandbox.dev:8080/hello.html (with just a 'hello world' in there).
Additional Info:
In VirtualBox if I go settings->shared folders->machine folders, my 'sandbox' folder is definitely the one being used.
When I go to http://sandbox.dev:8080/server-status - it works as expected. Information about the server.
I have installed Ubuntu 14.04 LTS. I've installed a lot of packages. Things started going wrong on the 'Configuring the Apache web server' section so maybe it's an apache problem.
I have looked on the server through the command line at /var/www/html. It looks nothing like the shared folder. Just one index.html which - when looking at it in nano - tells me it's the default Ubuntu homepage. But I cannot navigate to it in the URL at all.
Can someone help?
Update apache2.conf by adding directory directive similar but according to your folder's path:
<Directory "/mnt/hgfs/sandbox">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
My confusion was similar to yours - the link sandbox.dev/server-status works, so why not anything else.
By the way, I am having this issue because I am adjusting Jon Peck's instructions to VMware Fusion and Workstation. On VM Workstation no problems whatsoever, but my preferred dev environment is on OS X, and there VM Fusion (Pro 7.0.1) behaves differently from its Windows sister - the line .host:/ in the file /etc/fstab doesn't have an effect on where the shared folder sandbox is - it goes by default under /mnt/hgfs.
I gave up adjusting VM Fusion - even open-vm-tools could not help, so will follow Jon Peck's instructions to the letter with VirtualBox and I can share with you if I will have that issue.
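Both threads above come down to the same two settings: DocumentRoot decides which folder Apache serves, and the most specific <Directory> block enclosing it decides whether requests are allowed. The script below is an added example, not code from either answer or from the Apache project; it parses a constructed apache2.conf excerpt (Ubuntu's stock deny-all block for / plus the block from the answer above) and reports when the DocumentRoot is not actually granted, which is what you get when the share is mounted somewhere the configuration does not expect. It also flags Options Indexes, since the answer's block enables directory listings for every folder without an index file; a practitioner would usually leave that out once the 404 is solved. The check that a Directory path is the longest matching prefix is this example's own simplification of Apache's merge order.

```python
"""Check that an Apache configuration actually grants access to its DocumentRoot."""
import re
from typing import Dict, List, Optional, Tuple

# Constructed apache2.conf excerpt: Ubuntu's default deny-all block plus the answer's block.
SANDBOX_CONF = """\
DocumentRoot "/mnt/hgfs/sandbox"

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>

<Directory "/mnt/hgfs/sandbox">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
"""

# Same grant, but DocumentRoot still points at the stock location: the share is never served.
MISMATCHED_CONF = SANDBOX_CONF.replace('DocumentRoot "/mnt/hgfs/sandbox"', 'DocumentRoot "/var/www/html"')

DIR_OPEN = re.compile(r'<Directory\s+"?([^">]+?)"?\s*>', re.IGNORECASE)
DIR_CLOSE = re.compile(r'</Directory\s*>', re.IGNORECASE)
DOC_ROOT = re.compile(r'DocumentRoot\s+"?([^"\s]+)"?', re.IGNORECASE)


def _norm(path: str) -> str:
    """Strip a trailing slash so /foo/ and /foo compare equal; keep bare / intact."""
    return path.rstrip("/") or "/"


def parse_apache_conf(text: str) -> Tuple[Optional[str], Dict[str, List[str]]]:
    """Return (DocumentRoot, {directory path: [directive lines inside its block]})."""
    document_root = None
    blocks: Dict[str, List[str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        opened = DIR_OPEN.match(line)
        if opened:
            current = _norm(opened.group(1))
            blocks.setdefault(current, [])
            continue
        if DIR_CLOSE.match(line):
            current = None
            continue
        if current is not None:
            blocks[current].append(line)
            continue
        root = DOC_ROOT.match(line)
        if root:
            document_root = _norm(root.group(1))
    return document_root, blocks


def audit_document_root(text: str) -> List[Tuple[str, str]]:
    """Return (severity, message) findings for the served directory."""
    root, blocks = parse_apache_conf(text)
    if root is None:
        return [("error", "no DocumentRoot directive found")]
    # The most specific <Directory> enclosing DocumentRoot is the one whose access rules apply.
    enclosing = [d for d in blocks if d == "/" or d == root or root.startswith(d + "/")]
    if not enclosing:
        return [("error", f"no <Directory> block covers DocumentRoot {root}")]
    best = max(enclosing, key=len)
    directives = " ".join(blocks[best]).lower()
    findings: List[Tuple[str, str]] = []
    if "require all granted" not in directives:
        findings.append(("error", f"DocumentRoot {root} falls under <Directory {best}>, which does not "
                                  "grant access: every request is refused with 403"))
    if re.search(r"\boptions\b.*\bindexes\b", directives):
        findings.append(("warning", f"<Directory {best}> enables Indexes: directory listings are "
                                    "served for folders without an index file"))
    return findings


if __name__ == "__main__":
    for name, conf in (("sandbox", SANDBOX_CONF), ("mismatched", MISMATCHED_CONF)):
        for severity, message in audit_document_root(conf):
            print(f"[{name}] {severity}: {message}")
```

Running it shows the two cases side by side: the sandbox configuration is served but warns about listings, while the mismatched one reports that the stock /var/www/html path is only covered by the deny-all block, the situation that produces errors for everything except the server-status handler.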

Linux configure/make, --prefix?

Bear with me, this one's not very easy to explain...
I'm trying to configure, make and make install Xfce into my buildroot build directory. When configuring I'm using
--prefix=/home/me/somefolder/mybuild/output/target
so that it builds to the right folder, however when it's compressed and run I get errors from various config files where it's looking for files in
/home/me/somefolder/mybuild/output/target
(which of course doesn't exist.)
How do I set what folder to build into, yet set a different root directory for the config files to use?
Do configure --help and see what other options are available.
It is very common to provide different options to override different locations. By standard, --prefix overrides all of them, so you need to override the config location after specifying the prefix. This course of action usually works for every automake-based project.
The worst-case scenario is when you need to modify the configure script, or even worse, the generated makefiles and config.h headers. But yeah, for Xfce you can try something like this:
./configure --prefix=/home/me/somefolder/mybuild/output/target --sysconfdir=/etc
I believe that should do it.
In my situation, --prefix= failed to update the path correctly under some warnings or failures. Please see the link below for the answer.
https://stackoverflow.com/a/50208379/1283198