Currently browsing tag

ids

Running Snorby on Debian (lenny) with Snort, Barnyard2 and Apache2

I recently setup a Snort sensor on a dedicated box and initially had it all running and happy. Then I stumbled across Snorby, and thought “that looks pretty mint, I might try that out” as BASE just wasn’t doing it for me on its own. In this article I’ll try and piece together a little about what the initial set-up was and how I managed to get Snorby up and running (and how I managed to get stuck several times along the way).