I use the one and one Linux distribution - Fedora. All the rest are just cheap imitations.
You can configure your system to boot in runlevel 3 if you want command mode, or you can open up a command terminal in the GUI. Does that answer your question?

no because I use ubuntu 11.04

How does this have any bearing on his answer?

You can still configure Ubuntu (or any other distro) to boot directly to RL3. It's a simple change to the grub / lilo loader (whatever Ubuntu uses).

Alternatively, you could just let it boot normally then press Ctrl+Alt+F1 (or F2, F3, F4...) to bring up another session.

As for Snort, yes it runs natively in a terminal. You can get GUI's for it though.

Also - your question / thread title is misleading. Snort will behave the same regardless of which distro you're running it on. You should edit to ask if anyone has experience running Snort on Linux as opposed to just generically running Ubuntu, which every 12yr old who's seen any "hacking" movie undoubtedly has tried at some point.

We've got about 3500 employees. At least 60% run Linux as their primary workstation

Linux is significantly stronger now, especially with the emergence of Firefox as one of the standard browsers (and Chrome / Chromium / "webkit"). OpenOffice / LibreOffice will open all MS documents unless you need something like Vision / Project, to which there are equivalents...

Short of people being slightly scared at how "technical" Linux can be under the hood, in terms of installing non-packaged software or drivers, it's most certainly a viable mainstream competitor to Windows - it's simply so diverse due to its open source methodology that it can't target the market as effectively as a corporate entity such as Microsoft or Apple.

Also, fun fact, Apple's OS X is based around elements of BSD - proof that when a commercial entity with the sway of Apple gets behind a *nix based system, it certainly can be pushed to market effectively.

You can run anything from the terminal as long as it's installed. For configuration it really depends on what you want. Refer to the man page(# man snort) or see here: http://linux.die.net/man/8/snort

Also might want to check their website for documentation. http://www.snort.org/

Ok all start a new thread because I want to know how to configure it in GUI

wow.....
How are other distro's 'cheap imitations' if Fedora has only been around since 2003?

I would like to post helpful information in the THREE linux threads but.. I just can't. I can't. The stupid hurts too much.


If you can't figure out how to run a terminal window under linux you shouldn't be using Snort. If you can't figure out how to configure Snort then the information it provides will be useless to you.

Finally, Running OS-X on non-mac hardware is a license violation. I won't help you there. Why do you even need a mac virtual-box unless you are a developer programming for cross-platform use and need to test and verify?

You should probably state your level of skill and what your reasons and intentions are behind the use of linux, virtualbox, and Snort. That way we can properly help you and not just heap words and useless information at you.

This.

Pretty much.

I use quake to access the GUI, easy simple, always works.

For Linux if you cannot configure a program then you don't know how to Google.

e.g. http://www.thegeekstuff.com/2010/08/snort-tutorial/

@ the dude with the fruity unicorn avatar, take your condescending comment somewhere else

the questions Im asking may be stupid to you but they are to help me understand so get the H*ll of my thread jerk

im relatively new to ubuntu about a month
and I can operate terminal that not what I asked I wonted to know how to operate snort

In fairness, you asked if anyone was familiar or had experience with Ubuntu.

I'm tempted to agree with him. If you've been using Ubuntu for about a month, then you should probably work out how to use Linux at a deeper level before heading off towards specific applications.

For example, the wireless capturing and analysis that you're trying to do with Snort will be a lot easier if you learn how to install the airpcap libraries and some drivers for your wireless card that support injection and promiscuous capture.

You'll probably want to use something a little more tailored than Snort too, as there are better things out there for WEP / WPA cracking. Then you'll likely want to get some form of USB GPS device so you can wardrive your neighborhood and log the coordinates. You can overlay that on Google Maps at a later date to find out where the open or poorly secured networks are. If you're going for WEP, you'll need a decent number of packets (which is where the injection comes in) to have enough of a pattern to break the key. WPA works pretty similarly, although I suggest you offload the processing into Amazon's GPU cloud.



Or are we way off and you're seriously interested in intrusion detection?

Nope, not way off. It is as I suspected. A wanna-be hacker kiddy (not age specific).

You clearly stated you did not know how to operate the terminal, confused the hell out of us. All your answers are to be found on google. Even my wife can google linux answers for even some very highly technical questions.

Your questions are fielded at the level of "How I mine Fish?". They are nonsensical and mean nothing to me and I support my end users and their absolutely inane questions every day. People already posted basic Snort tutorials, are they too hard? When asking for help on something VERY technical you need to properly form your questions or we really cannot give you any help.

I used to be black, then grey, now I am fully white. I do not support war-driving. It is infantile and illegal. If you want to monitor your own network then I have no problems in helping you ONCE YOU HELP YOUR DAMN SELF! That is step one. I am disinclined to acquiesce to the habit of the modern era to want others to deliver education without effort.

all I want is to tell if someone is trying to intrude onto my system yes intrusion detection, and the virutual box is to watch netflix and for my itunes to work properly

I had to overcome so much difficult obstacles with this OS people telling me that the things im trying to do are to complex and that I should focus on the basics

but you know what I still solved those problems on my own
so don't insult my intelligence

Im sorry for my questions being so vague and next time I will be clearer