Setup: if no Internet access, notify user that we're setting LOCAL_NIDS_RULE_TUNING=yes #543

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 5 comments

Setup: if no Internet access, notify user that we're setting LOCAL_NIDS_RULE_TUNING

Original issue reported on code.google.com by doug.bu...@gmail.com on 29 May 2014 at 6:27

Original comment by doug.bu...@gmail.com on 31 May 2014 at 3:49

  • Changed title: Setup: if no Internet access, notify user that we're setting LOCAL_NIDS_RULE_TUNING=true

Original comment by doug.bu...@gmail.com on 1 Jun 2014 at 1:12

  • Changed title: Setup: if no Internet access, notify user that we're setting LOCAL_NIDS_RULE_TUNING=yes

```bash
if [ "$SERVER" -eq 1 ]; then
    # Load the current LOCAL_NIDS_RULE_TUNING value.
    source /etc/nsm/securityonion.conf
    if [ "$LOCAL_NIDS_RULE_TUNING" = "no" ] ; then
        # Rules are downloaded from the Internet: tell the user where they live.
        # Continuation lines stay flush left so no extra spaces end up in the dialog text.
        TEXT="Rules downloaded by Pulledpork are stored in: \n \
/etc/nsm/rules/downloaded.rules \n \
\n \
Local rules can be added to: \n \
/etc/nsm/rules/local.rules \n \
\n \
You can have PulledPork modify the downloaded rules \n \
by modifying the files in: \n \
/etc/nsm/pulledpork/ \n \
\n \
Rules will be updated every day at 7:01 AM UTC. \n \
You can manually update them by running: \n \
/usr/bin/rule-update \n \
\n \
Sensors can be tuned by modifying the files in: \n \
/etc/nsm/NAME-OF-SENSOR/"
        zenity --info --title="$TITLE" --text="$TEXT" --no-wrap
    else
        # Any other value: notify the user that rule downloads are turned off.
        TEXT="Setup was not able to download rules from the Internet.\n \
LOCAL_NIDS_RULE_TUNING has been set to 'yes' in /etc/nsm/securityonion.conf.\n \
\n \
If you do have Internet access and want to download rules from the Internet,\n \
you'll need to change this option to 'no'."
        zenity --info --title="$TITLE" --text="$TEXT" --no-wrap
    fi
fi
```

Original comment by doug.bu...@gmail.com on 16 Jul 2014 at 8:40

Submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/my5dRuEsvBQ/discussion

Original comment by doug.bu...@gmail.com on 16 Jul 2014 at 9:03

Published:
http://blog.securityonion.net/2014/07/new-securityonion-setup-package.html

Original comment by doug.bu...@gmail.com on 22 Jul 2014 at 2:34

  • Changed state: Verified