I have two questions regarding Snort and NST. The 1st Qustion is can I upgrade Snort 22.214.171.124 in NST 2.11.0 to Snort 126.96.36.199, and if so how does one do that? The 2nd question, is it possible to install 2.13.0 directly onto a harddrive, without having to create a livecd? I must also mention that I am new to Linux and NST.
Unfortunately, you can not easily upgrade Snort 188.8.131.52 in NST 2.11.0 (I would not recommend that you try doing this as you have mentioned that Linux is new to you).
NST 2.13.0 will include Snort 184.108.40.206, but unfortunately we are blocked by a couple of Fedora issues that have prevented us from releasing the ISO image (see the News at the NST Wiki site: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/News for details). It looks like the Fedora team is addressing the issue and once its resolved we should be able to release the new version of the NST.
As far as installing the NST onto a hard drive, you need to have a live ISO image either burned to DVD or installed onto a bootable USB thumb drive using the liveusb-creator utility. See: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/Getting_Started and http://wiki.networksecuritytoolkit.org/nstwiki/index.php/NST_USB_FAQ.
Thank you Paul for your quick response.
In answer to the 2nd question, I tried to follow the instructions in creating a LiveCD 2.13.0 in the HOWTO WIKI…..but was not successful, (probably because I don't know what I'm doing!!). I got an error during the ./configure procedure. It gave me the error not able to install: ATMACROS. I thought perhaps I could still compile (if that is the right terminology) the 2.13 from the NST website. Would you be so kind to let me know if that is not possible…..or perhaps I require a revised set of instructions.
Thank you again Paul
Let me just say that I'm quite impressed that you are building your own copy of the 2.13.0 release (being that you are new to Linux and the NST)!
I'm assuming that you were following the instructions from the NST WIKI on building from the source:
Using a Fedora 13 hard disk installation as your development system
Checked out a copy of the NST source code
Ran "./configure" from the top level check out directory
This should take a long time to run the first time (and it probably complained that you needed to yum install some packages before it could continue the build process).
NOTE: You need to be logged in as root and your system needs access to the Internet in order to build the NST (this is why we typically dedicate a system or virtual machines when doing our builds).
The atmacros package should have been built and installed for you automatically. Could you try a top level ./configure again and copy/paste the error displayed on your console here? Also, if configuration fails during the "yum" step, you should have a "yum.log" file present in the same directory where you ran the ./configure script from. If you open yum.log in a text editor (like gedit), could you locate any error messages in this file and paste them here as well?
I attempted to run the high level ./configure and I got this error in the terminal window;
Configuring "yum" dir (can take long time - see yum.log)
***ERROR*** The "yum" configuration failed, see: yum.log
Now if I view the yum.log file here is what I get;
Need to install: atmacros
Loaded plugins: presto, refresh-packagekit
Setting up Install Process
No package atmacros available.
Error: Nothing to do
***ERROR*** Failed to install: atmacros
***ERROR*** We failed to automatically install build required packages!
You will need to install (or build and install) the missing packages
A Makefile has been created to help you build/install packages that
are part of the NST repository. Use commands like the following to
build/install these types of packages:
For example, if you see an error in the output log about being unable
to install "netwib", you could try running the following by hand:
BTW I am looged in as root in GNOME window and I have installed Fedroa 13 with all the yum updates as stated in the instructions….(I'm just lucky I got this far!!!) . Your is very much appreciated Paul
PS… I am doing this in the /opt/nst/trunk folder
OK, you are doing everything correctly.
Unfortunately, I left out some of the steps in the Wiki on how you get some of the initial NST packages installed when starting the build from a Fedora 13 system. There is a "chicken and the egg" issue when getting the build system setup. Instead of updating the Wiki docs, I've updated the yum/configure script which should simplify the process.
You will need to update your source check out and try configuring again from the top level area (the commands below include the steps to remove the NST repository configuration if it happens to be on your system - it probably isn't):
&& /bin/rm /etc/yum.repos.d/nst.repo
The updated script should install a new "/etc/yum.repos.d/nst.repo" file onto your system before it tries to install the "atmacros" package. This should get the atmacros package installed without requiring you to actually build it first.
Sorry for the inconvenience. Let me know if that let's you get further in the configuration process. Also, the first configuration/build cycle will probably take 4 hours or more as a ton of packages will be downloaded and built.
Don't worry about the inconvience Paul….this is helping me learn about Linux and NST….(Baptism in Fire !!!!)…..
Ok Paul…I will try it tonight and let it run through its thing and see how it goes…. you the man Paul!!!!!
Thanks for your help..
Well Paul…..I did the above commands.. and I got past the error of the ATMACROS…..but I did run into the following erros. This error occurs when I do a vi yum.log to view the error;
Found a swap file by the name ".yum.log.swp"
owned by: root dated: Tue Sep 21 19:40:02 2010
file name: /opt/nst/trunk/yum.log
user name: root host name: Intrusion
process ID: 3238
While opening file "yum.log"
dated: Tue Sep 21 22:44:53 2010
NEWER than swap file!
(1) Another program may be editing the same file.
If this is the case, be careful not to end up with two
different instances of the same file when making changes.
Quit, or continue with caution.
(2) An edit session for this file crashed.
If this is the case, use ":recover" or "vim -r yum.log"
to recover the changes (see ":help recovery").
If you did this already, delete the swap file ".yum.log.swp"
to avoid this message.
"yum.log" 43L, 1983C
Press ENTER or type command to continue
Now when I press RETURN to continue I get this error from the Yum.log
Setting up Install Process
-> Running transaction check
--> Package libfwbuilder-devel.i686 0:4.1.1-b3243.fc13 set to be installed
-> Processing Dependency: libfwbuilder = 4.1.1 for package: libfwbuilder-devel-4.1.1-b3243.fc13.i686
-> Processing Dependency: libfwbuilder.so.9 for package: libfwbuilder-devel-4.1.1-b3243.fc13.i686
-> Processing Dependency: libfwcompiler.so.9 for package: libfwbuilder-devel-4.1.1-b3243.fc13.i686
-> Running transaction check
--> Package libfwbuilder.i686 0:4.1.1-b3243.fc13 set to be installed
-> Processing Dependency: libfwbuilder.so.8 for package: libfwbuilder-4.1.1-b3243.fc13.i686
-> Finished Dependency Resolution
Error: Package: libfwbuilder-4.1.1-b3243.fc13.i686 (NstRepo)
Log in to post a comment.