Have you looked closely at the configure output? It tends to indicate
what items are not found and from there make additions to the system
to fill in the missing pieces.
rajasekhar reddy made the following keystrokes:
Have you looked closely at the configure output? It tends to indicate
what items are not found and from there make additions to the system
to fill in the missing pieces.
rajasekhar reddy made the following keystrokes:
Hi
Thanx to every one…
I am new to linux and i need bro to be installed on my lap to work on my project on network security
AND THIS IS WHAT I GOT WHEN I CONFIGURE IT
raj@ubuntu:~/Desktop/bro-1.5.2$ ./configure --prefix=/path/to/bro
checking build system type… x86_64-unknown-linux-gnu
checking host system type… x86_64-unknown-linux-gnu
checking target system type… x86_64-unknown-linux-gnu
checking for a BSD-compatible install… /usr/bin/install -c
checking whether build environment is sane… yes
checking for a thread-safe mkdir -p… /bin/mkdir -p
checking for gawk… gawk
checking whether make sets $(MAKE)… yes
checking for gcc… gcc
checking for C compiler default output file name… a.out
checking whether the C compiler works… yes
checking whether we are cross compiling… no
checking for suffix of executables…
checking for suffix of object files… o
checking whether we are using the GNU C compiler… yes
checking whether gcc accepts -g… yes
checking for gcc option to accept ISO C89… none needed
checking for style of include used by make… GNU
checking dependency style of gcc… gcc3
checking for flex… flex
checking lex output file root… lex.yy
checking lex library… -lfl
checking whether yytext is a pointer… yes
checking for bison… bison -y
checking for g++… g++
checking whether we are using the GNU C++ compiler… yes
checking whether g++ accepts -g… yes
checking dependency style of g++… gcc3
checking for a BSD-compatible install… /usr/bin/install -c
checking whether make sets $(MAKE)… (cached) yes
checking for ranlib… ranlib
checking for gzip… gzip
checking how to run the C preprocessor… gcc -E
checking for grep that handles long lines and -e… /bin/grep
checking for egrep… /bin/grep -E
checking for ANSI C header files… yes
checking for sys/types.h… yes
checking for sys/stat.h… yes
checking for stdlib.h… yes
checking for string.h… yes
checking for memory.h… yes
checking for strings.h… yes
checking for inttypes.h… yes
checking for stdint.h… yes
checking for unistd.h… yes
checking stdio.h usability… yes
checking stdio.h presence… yes
checking for stdio.h… yes
checking for stdio.h… (cached) yes
checking for stdio.h… (cached) yes
checking for OPENSSL_add_all_algorithms_conf in -lcrypto… yes
checking for SSL_new in -lssl… yes
checking whether OPENSSL_add_all_algorithms_conf is declared… yes
checking for OpenSSL >= 0.9.7… yes
checking whether d2i_X509() uses a const unsigned char**… yes
checking for perl5… no
checking for perl… /usr/bin/perl
checking for chown… /bin/chown
checking Linux kernel version… 2
checking for special C compiler options needed for large files… no
checking for _FILE_OFFSET_BITS value needed for large files… no
checking for ANSI C header files… (cached) yes
checking return type of signal handlers… void
checking for sigset… yes
checking for int32_t using gcc… yes
checking for u_int32_t using gcc… yes
checking for u_int16_t using gcc… yes
checking for u_int8_t using gcc… yes
checking whether time.h and sys/time.h may both be included… yes
checking for memory.h… (cached) yes
checking netinet/in.h usability… yes
checking netinet/in.h presence… yes
checking for netinet/in.h… yes
checking socket.h usability… no
checking socket.h presence… no
checking for socket.h… no
checking getopt.h usability… yes
checking getopt.h presence… yes
checking for getopt.h… yes
checking for net/ethernet.h… yes
checking for netinet/ether.h… yes
checking for netinet/if_ether.h… yes
checking for sys/ethernet.h… no
checking for netinet/ip6.h… yes
checking for socklen_t… yes
checking if syslog returns int… no
checking if we should declare socket and friends… no
checking for gethostbyname… yes
checking for socket… yes
checking for putmsg in -lstr… no
checking for local pcap library… /home/raj/Desktop/libpcap-1.1.1/libpcap.a
checking for pcap_freecode in -lpcap… yes
checking for pcap headers… /usr/include
checking if pcap_compile_nopcap needs error parameter… not needed
checking pcap-int.h usability… yes
checking pcap-int.h presence… yes
checking for pcap-int.h… yes
checking for bpf_set_bufsize… no
checking for pcap_version in libpcap… yes
checking for main in -lpcap… yes
checking if char_traits defines all methods… yes
checking for ns_msg… yes
checking for ns_inittab/res_mkquery with resolver ‘none’… no
checking for ns_inittab/res_mkquery with resolver ‘-lresolv’… yes
configure: Nonblocking DNS enabled.
checking for working memcmp… yes
checking for strftime… yes
checking for strerror… yes
checking for strsep… yes
checking for strcasestr… yes
checking for mallinfo… yes
checking for getopt_long… yes
checking for library containing inet_aton… none required
checking for deflatePrime in -lz… yes
checking magic.h usability… yes
checking magic.h presence… yes
checking for magic.h… yes
checking for magic_open in -lmagic… yes
checking GeoIPCity.h usability… yes
checking GeoIPCity.h presence… yes
checking for GeoIPCity.h… yes
checking for GeoIP_open_type in -lGeoIP… yes
checking for tgetnum in -ltermcap… yes
checking termcap.h usability… yes
checking termcap.h presence… yes
checking for termcap.h… yes
checking term.h usability… yes
checking term.h presence… yes
checking for term.h… yes
yes
checking readline/readline.h usability… no
checking readline/readline.h presence… no
checking for readline/readline.h… no
checking readline/history.h usability… no
checking readline/history.h presence… no
checking for readline/history.h… no
checking for using_history in -lreadline… no
checking whether byte ordering is bigendian… no
checking for union semun… no
checking for struct sembuf… yes
checking for struct sockaddr_in.sin_len… no
checking for long long… yes
checking size of long long… 8
checking for long int… yes
checking size of long int… 8
checking for void *… yes
checking size of void *… 8
checking Linux kernel version support selectable fds… 2.6 is ok
checking for dag_open in -ldag… no
checking pcap.h usability… yes
checking pcap.h presence… yes
checking for pcap.h… yes
checking for python… /usr/bin/python
checking for Python >= 2.4… yes
checking for python-config… yes
=== configuring in aux/broctl
Created Makefile.
Created bin/broctl.
Created bin/make-wrapper.
Bro Control Configuration Summary
Rajasekhar,
The configure/build output looked pretty "normal" (error-free) to me, but when/if you go to execute `make install`...
raj@ubuntu:~/Desktop/bro-1.5.2$ ./configure --prefix=/path/to/bro
that installation prefix (/path/to/bro) is probably not what you want.
- Jon
hi,
thanx for reply now i managed to install bro…
but i again i got a prblm on running bro ids… can any pls let me know how to run bro on command line on ubuntu 10.04
thanx & regards
Hi
can anyone pls help me to run bro ids i really need it.
please
Thakns & Regards
Rajasekhar
hi when i tried to run bro ids i am getting this error did i done any mistake…
root@ubuntu:/usr/local/bro/
etc# bro.rc start
bro.rc: command not found
root@ubuntu:/usr/local/bro/etc#
Thanks & Regards
You might be missing “.” from your path. What happens when you issue the command “/usr/local/bro/etc/bro.rc start”?
Sridhar
i tried that as well i coming same thing like command not found
Regards
Do “/bin/sh -x /usr/local/bro/etc/bro.rc start” and see what is happening.
Sridhar
Apologies for the documentation being so out of date, but the bro.rc has not been included in the 1.5 release. If you want to just Bro as a normal program, you can run the bro binary directly. If you want to run it as a daemon watching live traffic you will likely want to run it with BroControl. Here are some docs for installing and running Bro with BroControl
http://svn.icir.org/bro/releases/release_1_5/bro/aux/broctl/README.html
.Seth
hi guys thanks for ur concern
i found some thing to wrk on bro ids…
can anyone tell me how to do these steps in configuring these steps in configuration of bro ids
The installation installs three configuration files which you should edit:
etc/broctl.cfg
is the overall BroControl configuration. Initially, you probably only need to edit the email address for mails sent by the framework; that’s the MailTo
line.
In etc/nodes.cfg
, you need to specify the network interface Bro is to monitor; that’s the interface
line.
In etc/networks.cfg
, list all the networks which Bro should consider as local to the monitored enviroment.
thanks in advance
Rajasekhar
hi guys thanks for ur concern
please i am very new to linux any one pls help me
i found some thing to wrk on bro ids…
can anyone tell me how to do these steps in configuring these steps in configuration of bro ids
The installation installs three configuration files which you should edit:
etc/broctl.cfg
is the overall BroControl configuration. Initially, you probably only need to edit the email address for mails sent by the framework; that’s the MailTo
line.
In etc/nodes.cfg
, you need to specify the network interface Bro is to monitor; that’s the interface
line.
In etc/networks.cfg
, list all the networks which Bro should consider as local to the monitored enviroment.
thanks in advance
What's your question?
.Seth
The installation installs three configuration files which you should edit:
etc/broctl.cfg
is the overall BroControl configuration. Initially, you probably only need to edit the email address for mails sent by the framework; that’s the MailTo
line.
In etc/nodes.cfg
, you need to specify the network interface Bro is to monitor; that’s the interface
line.
In etc/networks.cfg
, list all the networks which Bro should consider as local to the monitored enviroment.
CAN U PLS TELL ME HOW TO DO ABOVE STEPS
Those files should be in your directory where you installed Bro. You just need to edit them to suit your environment. Looking at the format of those files should be fairly obvious where and how to change them. Please ask if you have specific questions about how those files should be configured.
.Seth
i find them but i can’t able to edit those r in read only mode…
Y need them i cant able to run my bro ids which is already installed…
I hope u understand my problem
yeah thanx i got that
root@raj-Satellite-L300:/path/to/bro/bin# broctl install
No command ‘broctl’ found, did you mean:
Command ‘brctl’ from package ‘bridge-utils’ (main)
broctl: command not found
can u tell me is this right path trying to install broctl or any other mistake
Thaks & Regards
thankx alot it wrks
hi
Can any one know how to run this command…
yeah thanx i got that
root@raj-Satellite-L300:/path/to/bro/bin# broctl install
No command 'broctl' found, did you mean:
Command 'brctl' from package 'bridge-utils' (main)
broctl: command not found
Try "./broctl install"
Note the "./" in front of the command.
Or give the full path in your command, eg.
/path/to/bro/bin/broctl install
or add /path/to/bro/bin to your path. Google for an explanation of the
PATH environment variable for an explanation. I'll even supply a link
for you.