Setting up snort












0















I'm doing a project for a class, and I keep running into an issue. The professor and tutor are unable to help. I entered the following commands to install snort onto Ubuntu: (DAQ was already installed)



sudo apt-get install libluajit-5.1-2 libluajit-5.1-common libluajit-5.1-dev luajit
sudo apt-get install libdumbnet-dev
wget https://www.snort.org/downloads/snort/snort-2.9.12.tar.gz
tar xvzf snort-2.9.12.tar.gz
cd snort-2.9.12
./configure --enable-sourcefire --disable-open-appid
make
sudo checkinstall
sudo dpkg -i snort_2.9.12-1_amd64.deb
sudo ln -s /usr/local/bin/snort /usr/sbin/snort
sudo ldconfig -v
snort -V # used to test snort
cd -


I then downloaded the snort rules snapshot, and ran the following commands:



cd
cd Downloads
sudo mkdir -p /etc/snort
sudo tar -xvzf snortrules-snapshot-29110.tar.gz –C /etc/snort/
sudo touch /etc/snort/rules/white_list.rules
sudo touch /etc/snort/rules/black_list.rules
sudo mkdir /usr/local/lib/snort_dynmicrules
sudo mv /etc/snort/etc/* etc/snort


but when I enter the last command sudo mv /etc/snort/etc/* etc/snort, I get the following error message:



mv: target 'etc/snort' is not a directory









share|improve this question

























  • Did you mean sudo mv /etc/snort/etc/* /etc/snort? Your command line is missing the leading slash there…

    – dessert
    Jan 20 at 21:53











  • And have you checked? It there a directory named etc in the current directory? Does it contain a directory named snort? If not, why would you expect the mv command to work?

    – AlexP
    Jan 20 at 21:54






  • 1





    I'm sorry, but what was wrong with installing Snort from universe repository as simple as sudo apt install snort?

    – N0rbert
    Jan 20 at 22:03











  • @N0rbert This repo has v2.9.7 even for Cosmic while OP tries to install v2.9.12. The differences are not trivial, see the changelog.

    – dessert
    Jan 20 at 22:45


















0















I'm doing a project for a class, and I keep running into an issue. The professor and tutor are unable to help. I entered the following commands to install snort onto Ubuntu: (DAQ was already installed)



sudo apt-get install libluajit-5.1-2 libluajit-5.1-common libluajit-5.1-dev luajit
sudo apt-get install libdumbnet-dev
wget https://www.snort.org/downloads/snort/snort-2.9.12.tar.gz
tar xvzf snort-2.9.12.tar.gz
cd snort-2.9.12
./configure --enable-sourcefire --disable-open-appid
make
sudo checkinstall
sudo dpkg -i snort_2.9.12-1_amd64.deb
sudo ln -s /usr/local/bin/snort /usr/sbin/snort
sudo ldconfig -v
snort -V # used to test snort
cd -


I then downloaded the snort rules snapshot, and ran the following commands:



cd
cd Downloads
sudo mkdir -p /etc/snort
sudo tar -xvzf snortrules-snapshot-29110.tar.gz –C /etc/snort/
sudo touch /etc/snort/rules/white_list.rules
sudo touch /etc/snort/rules/black_list.rules
sudo mkdir /usr/local/lib/snort_dynmicrules
sudo mv /etc/snort/etc/* etc/snort


but when I enter the last command sudo mv /etc/snort/etc/* etc/snort, I get the following error message:



mv: target 'etc/snort' is not a directory









share|improve this question

























  • Did you mean sudo mv /etc/snort/etc/* /etc/snort? Your command line is missing the leading slash there…

    – dessert
    Jan 20 at 21:53











  • And have you checked? It there a directory named etc in the current directory? Does it contain a directory named snort? If not, why would you expect the mv command to work?

    – AlexP
    Jan 20 at 21:54






  • 1





    I'm sorry, but what was wrong with installing Snort from universe repository as simple as sudo apt install snort?

    – N0rbert
    Jan 20 at 22:03











  • @N0rbert This repo has v2.9.7 even for Cosmic while OP tries to install v2.9.12. The differences are not trivial, see the changelog.

    – dessert
    Jan 20 at 22:45
















0












0








0








I'm doing a project for a class, and I keep running into an issue. The professor and tutor are unable to help. I entered the following commands to install snort onto Ubuntu: (DAQ was already installed)



sudo apt-get install libluajit-5.1-2 libluajit-5.1-common libluajit-5.1-dev luajit
sudo apt-get install libdumbnet-dev
wget https://www.snort.org/downloads/snort/snort-2.9.12.tar.gz
tar xvzf snort-2.9.12.tar.gz
cd snort-2.9.12
./configure --enable-sourcefire --disable-open-appid
make
sudo checkinstall
sudo dpkg -i snort_2.9.12-1_amd64.deb
sudo ln -s /usr/local/bin/snort /usr/sbin/snort
sudo ldconfig -v
snort -V # used to test snort
cd -


I then downloaded the snort rules snapshot, and ran the following commands:



cd
cd Downloads
sudo mkdir -p /etc/snort
sudo tar -xvzf snortrules-snapshot-29110.tar.gz –C /etc/snort/
sudo touch /etc/snort/rules/white_list.rules
sudo touch /etc/snort/rules/black_list.rules
sudo mkdir /usr/local/lib/snort_dynmicrules
sudo mv /etc/snort/etc/* etc/snort


but when I enter the last command sudo mv /etc/snort/etc/* etc/snort, I get the following error message:



mv: target 'etc/snort' is not a directory









share|improve this question
















I'm doing a project for a class, and I keep running into an issue. The professor and tutor are unable to help. I entered the following commands to install snort onto Ubuntu: (DAQ was already installed)



sudo apt-get install libluajit-5.1-2 libluajit-5.1-common libluajit-5.1-dev luajit
sudo apt-get install libdumbnet-dev
wget https://www.snort.org/downloads/snort/snort-2.9.12.tar.gz
tar xvzf snort-2.9.12.tar.gz
cd snort-2.9.12
./configure --enable-sourcefire --disable-open-appid
make
sudo checkinstall
sudo dpkg -i snort_2.9.12-1_amd64.deb
sudo ln -s /usr/local/bin/snort /usr/sbin/snort
sudo ldconfig -v
snort -V # used to test snort
cd -


I then downloaded the snort rules snapshot, and ran the following commands:



cd
cd Downloads
sudo mkdir -p /etc/snort
sudo tar -xvzf snortrules-snapshot-29110.tar.gz –C /etc/snort/
sudo touch /etc/snort/rules/white_list.rules
sudo touch /etc/snort/rules/black_list.rules
sudo mkdir /usr/local/lib/snort_dynmicrules
sudo mv /etc/snort/etc/* etc/snort


but when I enter the last command sudo mv /etc/snort/etc/* etc/snort, I get the following error message:



mv: target 'etc/snort' is not a directory






command-line snort






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 21 at 0:33









karel

59.1k13128149




59.1k13128149










asked Jan 20 at 21:28









python paradisepython paradise

6




6













  • Did you mean sudo mv /etc/snort/etc/* /etc/snort? Your command line is missing the leading slash there…

    – dessert
    Jan 20 at 21:53











  • And have you checked? It there a directory named etc in the current directory? Does it contain a directory named snort? If not, why would you expect the mv command to work?

    – AlexP
    Jan 20 at 21:54






  • 1





    I'm sorry, but what was wrong with installing Snort from universe repository as simple as sudo apt install snort?

    – N0rbert
    Jan 20 at 22:03











  • @N0rbert This repo has v2.9.7 even for Cosmic while OP tries to install v2.9.12. The differences are not trivial, see the changelog.

    – dessert
    Jan 20 at 22:45





















  • Did you mean sudo mv /etc/snort/etc/* /etc/snort? Your command line is missing the leading slash there…

    – dessert
    Jan 20 at 21:53











  • And have you checked? It there a directory named etc in the current directory? Does it contain a directory named snort? If not, why would you expect the mv command to work?

    – AlexP
    Jan 20 at 21:54






  • 1





    I'm sorry, but what was wrong with installing Snort from universe repository as simple as sudo apt install snort?

    – N0rbert
    Jan 20 at 22:03











  • @N0rbert This repo has v2.9.7 even for Cosmic while OP tries to install v2.9.12. The differences are not trivial, see the changelog.

    – dessert
    Jan 20 at 22:45



















Did you mean sudo mv /etc/snort/etc/* /etc/snort? Your command line is missing the leading slash there…

– dessert
Jan 20 at 21:53





Did you mean sudo mv /etc/snort/etc/* /etc/snort? Your command line is missing the leading slash there…

– dessert
Jan 20 at 21:53













And have you checked? It there a directory named etc in the current directory? Does it contain a directory named snort? If not, why would you expect the mv command to work?

– AlexP
Jan 20 at 21:54





And have you checked? It there a directory named etc in the current directory? Does it contain a directory named snort? If not, why would you expect the mv command to work?

– AlexP
Jan 20 at 21:54




1




1





I'm sorry, but what was wrong with installing Snort from universe repository as simple as sudo apt install snort?

– N0rbert
Jan 20 at 22:03





I'm sorry, but what was wrong with installing Snort from universe repository as simple as sudo apt install snort?

– N0rbert
Jan 20 at 22:03













@N0rbert This repo has v2.9.7 even for Cosmic while OP tries to install v2.9.12. The differences are not trivial, see the changelog.

– dessert
Jan 20 at 22:45







@N0rbert This repo has v2.9.7 even for Cosmic while OP tries to install v2.9.12. The differences are not trivial, see the changelog.

– dessert
Jan 20 at 22:45












1 Answer
1






active

oldest

votes


















1














The last command is incorrect. You are getting the mv: target 'etc/snort' is not a directory error message because etc/snort is not a directory, but /etc/snort is a directory. The last command should be:



sudo mv /etc/snort/etc/* /etc/snort





share|improve this answer

























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1111489%2fsetting-up-snort%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    The last command is incorrect. You are getting the mv: target 'etc/snort' is not a directory error message because etc/snort is not a directory, but /etc/snort is a directory. The last command should be:



    sudo mv /etc/snort/etc/* /etc/snort





    share|improve this answer






























      1














      The last command is incorrect. You are getting the mv: target 'etc/snort' is not a directory error message because etc/snort is not a directory, but /etc/snort is a directory. The last command should be:



      sudo mv /etc/snort/etc/* /etc/snort





      share|improve this answer




























        1












        1








        1







        The last command is incorrect. You are getting the mv: target 'etc/snort' is not a directory error message because etc/snort is not a directory, but /etc/snort is a directory. The last command should be:



        sudo mv /etc/snort/etc/* /etc/snort





        share|improve this answer















        The last command is incorrect. You are getting the mv: target 'etc/snort' is not a directory error message because etc/snort is not a directory, but /etc/snort is a directory. The last command should be:



        sudo mv /etc/snort/etc/* /etc/snort






        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Jan 21 at 0:37

























        answered Jan 21 at 0:28









        karelkarel

        59.1k13128149




        59.1k13128149






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1111489%2fsetting-up-snort%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

            Mangá

            Eduardo VII do Reino Unido