Virtual Lab/Network Issue - Snort
by Felthorn3 from LinuxQuestions.org on (#5HBFK)
Hi all,
To preface, I am a noob to Linux for the most part. I just completed the CompTIA trifecta and realize that most of the learning is theory so my aim is to get hands-on experience. I found Tony Robinson's book "Building Virtual Machine Labs: A Hands-on Guide" and up until this point I've found it amazing. I am now, however, beyond frustrated and at my wit's end. I'm hoping someone reading this has worked through the book and can give me some assistance. This is on VirtualBox btw.
I'm to the point where I'm installing Snort onto my IPS and I have gone back and verified my configurations were done exactly as prescribed in the book. I had to fight with the Talos blocklist download in the .sh file for ages before I got Autosnort to use a valid URL to download from. After that, the installer completed and the IPS rebooted and I thought I was all good. However, now when I run the next prescribed command, ps -ef | grep snort, I get the below:
https://imgur.com/iEhLdCD
This doesn't match what's in the screenshot in his book and obviously the service isn't running/working. I don't know what to do to troubleshoot this as from what I can tell my configurations were as specified. By all accounts it should be working (yes I have pfSense up and running and Adapter 1 and 2 both have IP addresses, and the machine can reach the internet via the curl command).
Any assistance is greatly appreciated.

