is there any way to automatically import honeycomb signatures to snort ?
I tried to follow your tutorial for protection, but for some reason the security level set from I believe compliance to enforce has blocked firefox 3. Is there a way to reverse this? Or clear the process and go back to the beginning?
I was just reading this tutorial and it says to use airsnort if you use wireless. When I go to the airsnort site it says that the project is dead. Is there an alternitive I should use? Thanks
Is there any way to verify that my database if being populated with data? I run snort -v, and I see it capturing data. I have also set up the database, and I see the tables in it. How do I run snort to push data to the database, and then what command do I run in the database to see the data just collected please? Oh btw, the bleeding rules url does not work. Does anyone have another link where these rules can be downloaded for snort18.104.22.168?
Thanks bodhi. Something else is puzzling me now. I am trying to download rules. So I right clicked on the "download" link for the rule, and selected "copy link location", then I move to xterm window, and pasted the clipboard content in front of wget and pressed return. All I get is a 10K file. I seem to be able to download the same file fine using the browser. Any idea?
I downloaded your script, and put it in the right directory, but when I run it I see the following error from snort:
Here is where the script is:Code:Uh, you need to tell me to do something... Fatal Error, Quitting..
I think the permissions and everything else is as you stated. I am not sure why I get this error.Code:@thunder:/etc/init.d$ ls -al snort -r-x------ 1 root root 4077 2009-04-04 13:14 snort @thunder:/etc/init.d$