search

da667 / Autosnort

Repo for autosnort scripts.
MIT License
157 stars 89 forks source link

Ubuntu 14.04 - Autosnort installation failed #34

Open kratos7002 opened 9 years ago

kratos7002 commented 9 years ago

I think it failed at the ##ui_inst## step. "

ui_inst

This option sets whether or not Autosnort will install and configure a local Apache and mysql-server in order to install a web-based intrusion event review interface.

If you want to install a web-based IDS event console (e.g. snorby) this option MUST be set to 1.

Options

1: Setting ui_inst to 1 enables apache and mysql server to be enabled on startup. This is required for web-based IDS event review consoles. It also generates a private key and self-signed cert for SSL operation.

2: Setting ui_inst to 2 means apache and mysql will not be configured to run on startup, you will not have an private key and self-signed cert generated.

default setting: 1 (Installs mysql and apache in order to install a fully functional stand-alone sensor)

ui_inst=1 "

This is the log information:

[] Checking for config file.. ./autosnort-ubuntu-11-02-2014.sh: line 140: [: too many arguments [] Found config file. ./autosnort-ubuntu-11-02-2014.sh: line 147: /tmp/Autosnort: No such file or directory [] OS Version Check.. [] OS is Ubuntu. Good to go. [] Checking for root privs.. [] We are root. [] Checking to ensure sshd is running.. ssh: unrecognized service [] [] Wget check.. [] Found wget. [] Performing apt-get update and upgrade (May take a while if this is a fresh install).. [] System updates successfully completed. [] Installing base packages: ethtool build-essential libpcap0.8-dev libpcre3-dev bison flex autoconf libtool libmysqlclient-dev libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libarchive-tar-perl libcrypt-ssleay-perl libwww-perl.. [] Package installation successfully completed. [*] Invalid choice, Check your full_autosnort.conf file and try again. /extras.ubuntu.com trusty Release.gpg

Danconnolly commented 9 years ago

Script has an error. Submitted pull request to fix. You can also get fixed script from https://github.com/Danconnolly/Autosnort

kratos7002 commented 9 years ago

Dan, Another issue I encountered was that autosnort could not download the rules. I used the correct Oink code. Any ideas?

Danconnolly commented 9 years ago

I uploaded that before I tested it properly. There were a couple more of the same errors. I'm updating now and testing it out. I'll upload another update once ive got it working on my system.

Not sure if that would fix your downloading of new rules though.

Date: Sat, 15 Nov 2014 09:03:11 -0800 From: notifications@github.com To: Autosnort@noreply.github.com CC: dan.connolly@outlook.com Subject: Re: [Autosnort] Ubuntu 14.04 - Autosnort installation failed (#34)

Dan,

Another issue I encountered was that autosnort could not download the rules. I used the correct Oink code.

Any ideas?

— Reply to this email directly or view it on GitHub.

                  =
Danconnolly commented 9 years ago

I've made some more updates for the same error. Still not working for me though.

From: dan.connolly@outlook.com To: reply@reply.github.com; autosnort@noreply.github.com Subject: RE: [Autosnort] Ubuntu 14.04 - Autosnort installation failed (#34) Date: Sat, 15 Nov 2014 18:08:53 +0100

I uploaded that before I tested it properly. There were a couple more of the same errors. I'm updating now and testing it out. I'll upload another update once ive got it working on my system.

Not sure if that would fix your downloading of new rules though.

Date: Sat, 15 Nov 2014 09:03:11 -0800 From: notifications@github.com To: Autosnort@noreply.github.com CC: dan.connolly@outlook.com Subject: Re: [Autosnort] Ubuntu 14.04 - Autosnort installation failed (#34)

Dan,

Another issue I encountered was that autosnort could not download the rules. I used the correct Oink code.

Any ideas?

— Reply to this email directly or view it on GitHub.

                                      =
ncplol commented 9 years ago

Adding double quotes around the first few statements that referenced $execdir fixed this problem for me.

peasead commented 9 years ago

@Yaminick can you be more specific about what you mean regarding the "first few statements"? Double quotes around what specifically?

I'm not being passive aggressive.

airforceboricua commented 9 years ago

Adding the Double Quotes around the $execdir worked for me.

megamegamega commented 8 years ago

I was able to get around it without utilizing Dan's fork (thanks for putting that up by the way! I'm getting a 404 when I hit the link):

vi autosnort-debian-xx-xx-xx.sh : :%s/$execdir/"$execdir"/g :wq!

Prior to this I had to comment out the packages.dotdeb.org block...but i'm doing this in raspbian with the debian autosnort install script.