joanbono
commented
7 years ago I will take a look. Stay in touch.
Could you confirm that Snort is installed writing:
snort -vAnd pasting here the output?
Thanks!
Closed dimaspencer84 closed 7 years ago
joanbono
commented
7 years ago I will take a look. Stay in touch.
Could you confirm that Snort is installed writing:
snort -vAnd pasting here the output?
Thanks!
dimaspencer84
commented
7 years ago I get this, then the packet capture starts...
Running in packet dump mode
--== Initializing Snort ==--
Initializing Output Plugins!
pcap DAQ configured to passive.
Acquiring network traffic from "eth0".
Decoding Ethernet
--== Initialization Complete ==--
,,_ -*> Snort! <*-
o" )~ Version 2.9.9.0 GRE (Build 56)
'''' By Martin Roesch & The Snort Team: http://www.snort.org/contact#team
Copyright (C) 2014-2016 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using libpcap version 1.8.1
Using PCRE version: 8.39 2016-06-14
Using ZLIB version: 1.2.8
Commencing packet processing (pid=1266)
WARNING: No preprocessors configured for policy 0.
05/15-09:31:07.025269 192.168.2.25 -> 224.0.0.22
IGMP TTL:1 TOS:0xC0 ID:0 IpLen:24 DgmLen:40 DF
IP Options (1) => RTRALT
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
WARNING: No preprocessors configured for policy 0.
05/15-09:31:07.627716 192.168.2.80 -> 224.0.0.22
IGMP TTL:1 TOS:0xC0 ID:0 IpLen:24 DgmLen:40 DF
IP Options (1) => RTRALT
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Well, the installation works, so it's the service creation the part which is not working as expected.
OK, will work on it. Good catch.
joanbono
commented
7 years ago Hi @dimaspencer84 , seems like a problem creating a service when using systemd, could you take a look on this or try to create another service?
Thanks
dimaspencer84
commented
7 years ago Hi @joanbono , it worked after the creation of another service.
Thank you very much ! :-)
joanbono
commented
7 years ago Hi @dimaspencer84 Could you explain here how do you create the service?
Maybe I can add to the script if possible or even to the Instructions.
Thanks
dimaspencer84
commented
7 years ago Hi @joanbono ! I've juste created a new service (snort.service) in the /lib/systemd/system/ folder with these informations:
[Unit]
Description=Snort NIDS Daemon
After=syslog.target network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0
[Install]
WantedBy=multi-user.targetI activated the new service, started it then it worked !
joanbono
commented
7 years ago Thanks @dimaspencer84 π
I guess you activate the new service doing:
systemctl enable snort.service
systemctl start snort.serviceAm I right? Could you paste the output of systemctl status snort or systemctl status snort.service?
dimaspencer84
commented
7 years ago Yes I activated the new service by doing :
systemctl enable snort.service
systemctl start snort.serviceHere is the output of systemctl status snort.service
snort.service - Snort NIDS Daemon
Loaded: loaded (/lib/systemd/system/snort.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2017-05-18 13:15:11 BST; 7min ago
Main PID: 586 (snort)
CGroup: /system.slice/snort.service
ββ586 /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0
May 18 13:15:11 dima systemd[1]: Started Snort NIDS Daemon.Awesome! Will add this to the main script!!
Thanks a lot @dimaspencer84 π
Snorter v1.0.0 is coming π·
joanbono
commented
7 years ago Just added the Instructions to add a Kali Service on the README.md file.
Added also your name, thanks a lot π
Hi I'm trying to use Snorter to install snort on a fresh installation of Kali 2017. I followed all the instructions and everything was fine during the installation. Though after the reboot, I can't start Snort service, I get the following error message. What could be the problem ?