
Posted

Very nice tutorial. I like that it's not automated and you kinda get the relationships between the components. A couple of observations, installing this on 12/12/2015:

1. The snort package has been updated, and the tutorial link to version 2.9.7.6 returns a file not found message. I went ahead and downloaded version 8.0 instead.

2. Perl is not added to the environment PATH and hence will only execute from its home directory.

3. 2 of the signature files will cause McAfee to quarantine them as Exploit-InvCSS Trojans. They are 18174.txt and 18175.txt. I did return them from "exile". 

Other than that, I look forward to playing with it.

Posted
9 hours ago, Iko said:

Very nice tutorial. I like that it's not automated and you kinda get the relationships between the components. A couple of observations, installing this on 12/12/2015:

1. The snort package has been updated, and the tutorial link to version 2.9.7.6 returns a file not found message. I went ahead and downloaded version 8.0 instead.

2. Perl is not added to the environment PATH and hence will only execute from its home directory.

3. 2 of the signature files will cause McAfee to quarantine them as Exploit-InvCSS Trojans. They are 18174.txt and 18175.txt. I did return them from "exile". 

Other than that, I look forward to playing with it.

1) I was waiting for Sourcefire to update the rule package to 2980 before releasing the updated tutorials. Not sure what is going on, but there seem to be some disagreements between the two divisions that are causing a delay. However, the updated tutorials are now online to fix this. I'm not sure why they pulled 2.9.7.6 from the repository.

2) I just checked on a new install a few days ago and the paths for Perl were added.


3) You might want to place an exclusion into McAfee for the signatures folder. That's a strange one...
