Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Error in installation of Snort 2.97.0
Homework and Emergencies Homework & Coursework Questions Error in installation of Snort 2.97.0 Post 302925665 by Corona688 on Tuesday 18th of November 2014 12:36:23 PM
Old 11-18-2014
It inevitably requires administrator access to snoop on your system in that way. You could use sudo instead of logging into a different account.
 

7 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

snort installation on freebsd issues

i'm following the, "How to setup and secure Snort, MySQL and Acid on FreeBSD 4.6 Release" off of the snort.org website. in the documentation it says snort should be installed through the following: ----- make -DWITH_MYSQL -DWITH_FLEXRESP ; make install ----- later it says to do the... (13 Replies)
Discussion started by: xyyz
13 Replies

2. BSD

Snort on openbsd

Im trying to gather some info to set up snort on openbsd 3.2, has anyone out there managed to get it up and running ? My initial attempts seem to be quite below par (4 Replies)
Discussion started by: malcontent
4 Replies

3. Linux

snort port no

Hi, can anybody know snort port no in linux, (1 Reply)
Discussion started by: manoj.solaris
1 Replies

4. Cybersecurity

Snort/NTOP Placement

I have been asked to place 2 (1 NTOP & 1 SNORT) boxes within our network as part of our tool kit for network monitoring and Intrusion detection. Out network is very simplistic and it layed out like this: internet | | Cisco 1811 Router (8x Layer 2 switch ports) ... (0 Replies)
Discussion started by: metallica1973
0 Replies

5. Cybersecurity

Snort HTTPS

Is it possible to rule out in alert all HTTPS traffic or rule out all the HTTPS trafic from the alerts on snort ? (3 Replies)
Discussion started by: drd0spt
3 Replies

6. Solaris

Solaris 10 flash installation - fatal error. Solaris installation program exited.

Not very helpful to say the least. Seems to read the flar file and go through the upgrade and then come up with this error. Any ideas? (1 Reply)
Discussion started by: psychocandy
1 Replies

7. UNIX for Beginners Questions & Answers

Snort 2.9.14 hangs once started

I've been trying to get Snort running on my lab network, but haven't been having much luck. I installed Snort 2.9.14 on both Windows 10 & Ubuntu 18.04 (Running in VirtualBox 5.2.22). I seems to have the snort.conf file set up correctly in both environments, because when I test snort in either... (1 Reply)
Discussion started by: bodisha
1 Replies

LEARN ABOUT DEBIAN

ttysnoop

TTYSNOOP(8)						    BSD System Manager's Manual 					       TTYSNOOP(8)

NAME

     ttysnoop -- snoop on a user's tty

SYNOPSIS

     ttysnoop [pty]
     ttysnoops

DESCRIPTION

     The ttysnoop / ttysnoops client-server combo can be used to snoop (watch) on a user's login tty.  The server (ttysnoops) is usually started
     by getty(8) or telnetd(8) and reads the file /etc/snooptab to find out which tty's should be cloned and which programs to run on them (usu-
     ally /bin/login). A tty may be snooped through a pre-determined (ie.  fixed) device, or through a dynamically allocated pseudo-tty (pty).
     This is also specified in the /etc/snooptab file. To connect to the pty, the client ttysnoop should be used. The available pseudo terminals
     pty are present as sockets in the directory /var/spool/ttysnoop/.

   Format of /etc/snooptab
     The /etc/snooptab file may contain comment lines (starting with a '#'), empty lines, or entries for tty's that should be snooped upon. The
     format of such an entry is as follows:

	   tty	 snoop-device	type   program

     where tty is the leaf-name of the tty that should be snooped upon (eg. ttyS2, not /dev/ttyS2) OR the wildcard '*', which matches ANY tty.
     snoop-device is the device through which tty should be snooped (eg. /dev/tty8) OR the literal constant "socket". The latter is used to tell
     ttysnoops that the snoop-device will be a dynamically allocated pty.  type specifies the type of program that should be run, currently recog-
     nized types are "init", "user" and "login" although the former two aren't really needed. Finally, program is the full pathname to the program
     to run when ttysnoops has cloned tty onto snoop-device.

EXAMPLE

     The following example /etc/snooptab file should illustrate the typical use of ttysnoop / ttysnoops:

	    #
	    # example /etc/snooptab
	    #
	    ttyS0    /dev/tty7	  login    /bin/login
	    ttyS1    /dev/tty8	  login    /bin/login
	    #
	    # the wildcard tty should always be the last one in the file
	    #
	    *	     socket	  login    /bin/login
	    #
	    # example end
	    #

     With the above example, whenever a user logs in on /dev/ttyS0 or /dev/ttyS1, either tty will be snooped through /dev/tty7 or /dev/tty8
     respectively. Any other tty's will be snooped through a pty that will be allocated at the time of login. The system-administrator can then
     run ttysnoop pty to snoop through the pty. Note that it is up to the system-administrator to setup getty and/or telnetd so that they execute
     ttysnoops instead of /bin/login.

SEE ALSO

     getty(8), telnetd(8)

FILES

     /etc/snooptab

BUGS

     The program is unable to do any terminal control-code translations for the original tty and the snoop-device. I doubt it will ever do this.

AUTHOR

     Carl Declerck, carl@miskatonic.inbe.net

BSD
								   August 8 1994							       BSD
All times are GMT -4. The time now is 12:42 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy