I installed snort with one tutorial but got called away half way through and when I finished it, I think I accidental used a different tutorial. Any way it is not working and I want to uninstall it and re-install from scratch. 1)How do I uninstall snort from the command line? 2)I have since noticed that there are a number of methods to install snort and was wondering what the difference between them. For example SNORT and BASE on a CLEAN "The Perfect Setup - Debian Sarge (3.1)" http://www.howtoforge.com/forums/showthread.php?t=5163&highlight=snort+ispconfig and Intrusion Detection: Snort, Base, MySQL, and Apache2 On Ubuntu 7.10 (Gutsy Gibbon) (Updated) http://www.howtoforge.com/intrusion-detection-with-snort-mysql-apache2-on-ubuntu-7.10-updated 3)My server is Ubuntu 8.04 and I have ispconfig installed would you use Synaptic package manager to install snort or one of the above tutorials?
Since you are on Ubuntu, I'd try this one: http://www.howtoforge.com/intrusion-detection-with-snort-mysql-apache2-on-ubuntu-7.10-updated
Installed but not recording anything. I managed to get snort and base uninstalled. I then installed them from scratch using the tutorial Falko suggested above. When I test snort with snort -c /etc/snort/snort.conf I get the ascii pig. I then setup Base and it is working when I type ps aux | grep snort I get root 5575 0.0 3.6 43504 21444 ? Ss 03:02 0:11 /usr/local/bin/snort -c /etc/snort/snort.conf -i eth0 -g root -D root 10817 0.0 0.1 3008 784 pts/0 S+ 15:09 0:00 grep snort I even followed the additional instructions and I think that oinkmaster is getting the rules. But Base is not reporting any alerts. I have read lots of the posts where others are having problems with snort but I have not been able to find any problems or get it working. Any and all suggestions will be apreciated.
