- Upgraded the server memory from 256MB to 768MB
- Installed a 80GB Maxtor Hard Drive
[root@luisaranguren]# hdparm -i /dev/sdb
/dev/sdb:
Model=Maxtor 4R080L0, FwRev=RAMC1TU0, SerialNo=R29XVRME
Config={ Fixed }
RawCHS=16383/16/63, TrkSize=0, SectSize=0, ECCbytes=57
BuffType=DualPortCache, BuffSize=2048kB, MaxMultSect=16, MultSect=16
CurCHS=4047/16/255, CurSects=16511760, LBA=yes, LBAsects=160086528
IORDY=on/off, tPIO={min:120,w/IORDY:120}, tDMA={min:120,rec:120}
PIO modes: pio0 pio1 pio2 pio3 pio4
DMA modes: mdma0 mdma1 mdma2
UDMA modes: udma0 udma1 udma2 udma3 udma4 *udma5 udma6
AdvancedPM=yes: disabled (255) WriteCache=enabled
Drive conforms to: ATA/ATAPI-7 T13 1532D revision 0: ATA/ATAPI-1,2,3,4,5,6,7
* signifies the current active mode
- Installed a 1TB hard drive in my desktop box ~3TB total storage
- Installed and configured pulledpork to update snort rules
had to add pcre:fwsam to disablesid.conf to avoid a fwsam error in snort
- Fine tuned and fixed a few snort errors
- To make it easier to catch problems added to /etc/mysql/my.cnf
[mysqld]
log-error=/var/log/mysql/error.log
Hey. Maybe you can help me out. I still receive those:
/etc/snort/rules# ERROR: /etc/snort/rules/snort.rules(16600) Unknown rule option: ‘fwsam’.
Fatal Error, Quitting..
messages. Can you help me out somehow? I’ve added the line “pcre:fwsam” to: /etc/snort/disablesid.conf and still got the same problem.
Cheers,
David
You have to specify the path to disablesid.conf inside pulledpork.conf. In my case:
# Here you can specify what rule modification files to run automatically.
# simply uncomment and specify the apt path.
# enablesid=/usr/local/etc/snort/enablesid.conf
# dropsid=/usr/local/etc/snort/dropsid.conf
disablesid=/etc/snort/pulledpork/disablesid.conf
# modifysid=/usr/local/etc/snort/modifysid.conf