Building an ethichal hacking lab on your laptop with VirtualBox – Part 9 Linux Mint Snort IDS – Making it permanent

Last but not least, lets make everything so far permanent with the following modifications so snort and barnyard will load at boot.

sudo vi /etc/init/snort.conf

129 - Modify snort conf permanent

129 – Modify snort conf permanent

Add in the following to the file:

description “Snort NIDS service”
stop on runlevel [!2345]
start on runlevel [2345]
script
exec /usr/sbin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth1 -D
end script

Which will make it look like this

130 - Snort conf modification

130 – Snort conf modification

Run the following

chmod +x will make the file executable
initctl list will list services loading at startup, grep is used to pick snort only from that list

sudo chmod +x /etc/init/snort.conf
initctl list | grep snort

And you should see the following printout on the screen

131 - chmod initctl

131 – chmod initctl

Now to modify the barnyard configuration file

sudo vi /etc/init/barnyard2.conf

132 - Barnyard conf modification

132 – Barnyard conf modification

Add in the following:

description “barnyard2 service”
stop on runlevel [!2345]
start on runlevel [2345]
script
exec /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort -D
end script

So it looks like the following

133 - Barnyard file modifcation

133 – Barnyard file modifcation

Run the following:

sudo chmod +x /etc/init/barnyard2.conf
initctl list | grep barnyard

You should see the following output

134 - barnyard chmod initctl

134 – barnyard chmod initctl

Reboot and then check the status of both after the reboot with the following:

service snort status

service barnyard2 status

You should see they both have a running process like below

135 - service snort and barnyard check

135 – service snort and barnyard check

That’s it, well done for getting this far! As you can see the ethical hacking lab is coming together quite nicely. Yes it takes time but don’t rush things and if things don’t work out. Try harder next time.

Next we will be covering Metaspoitable and DVWA so stay tuned!

 

Leave a Reply