 From:  "Cimino Vittorio" <cimino at teamufficio dot it>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Snort directory and file
 Date:  Fri, 6 Aug 2004 15:07:44 +0200

Root Filesystem mfsroot.gz (12M)

drwxr-xr-x  2 root  wheel    512 May 29 16:05 bin
drwxr-xr-x  5 root  wheel    512 Aug  5 17:55 cf
lrwxrwxrwx  1 root  wheel      8 Jul 31 15:47 conf -> /cf/conf
drwxr-xr-x  2 root  wheel    512 Jan 23  2003 conf.default
drwxr-xr-x  2 root  wheel  10752 Jun 17 18:36 dev
drwxr-xr-x  3 root  wheel   1024 Aug  5 17:58 etc
drwxr-xr-x  2 1000  wheel    512 Aug  6 14:56 ftmp
drwxr-xr-x  2 root  wheel    512 Jul 30 12:06 mboot
drwxr-xr-x  2 root  wheel    512 Dec 15  2002 mnt
drwxr-xr-x  2 root  wheel    512 Jul  2 17:23 modules
dr-xr-xr-x  1 root  wheel    512 Aug  6 14:56 proc
drwx------  2 root  wheel    512 Dec 15  2002 root
drwxr-xr-x  2 root  wheel   1024 Jul 31 14:27 sbin
lrwxrwxrwx  1 root  wheel      9 Jul 31 15:47 snort -> /cf/snort
drwxr-xr-t  2 root  wheel    512 Aug  6 00:24 tmp
drwxr-xr-x  8 root  wheel    512 Dec 15  2002 usr
drwxr-xr-x  6 root  wheel    512 Aug  5 17:58 var


/usr/local/www
drwxr-xr-x  3 root  wheel    512 Aug  5 01:51 ext

/usr/local/www/ext
drwxr-xr-x  2 root  wheel  512 Aug  5 12:18 snort

/usr/local/www/ext/snort
-rw-r--r--  1 root  wheel   233 Aug  5 12:19 menu.inc
-rwxr-xr-x  1 root  wheel  6336 Aug  5 05:11 snort_conf.php
-rwxr-xr-x  1 root  wheel  3139 Aug  5 12:18 snort_log.php

/etc/inc
drwxr-xr-x  3 root  wheel    512 Aug  5 00:47 ext

/etc/inc/ext
drwxr-xr-x  2 root  wheel  512 Aug  5 00:48 snort

/etc/inc/ext/snort
-rwxr-xr-x  1 root  wheel  1962 Aug  5 00:51 rc

/usr/bin
r-xr-xr-x  1 root  wheel  411312 Jul 29 15:49 snort

/usr/lib
The libraries (try "ldd snort" for dip...)
-rwxr-xr-x  1 root  wheel   154423 Jul 31 14:33 libmysqlclient.so.12
-r--r--r--  1 root  wheel   108732 Jul 29 15:49 libpcap.so.2
-rwxr-xr-x  1 root  wheel    44831 Jul 29 15:49 libpcre.so.0



**********************************************************************************************

On Flash Card (/dev/ad0a)
The system mounts /dev/ad0a on /cf

/cf
drwxr-xr-x  4 root  wheel      512 Jul 31 14:35 snort

/cf/snort
drwxr-xr-x  2 root  wheel   512 Aug  4 19:55 etc
drwxr-xr-x  2 root  wheel  1536 Aug  6 00:22 rules

/cf/snort/etc
-rw-------  1 root  wheel  22633 Aug  6 00:54 snort.conf
-rw-r--r--  1 root  wheel  22633 Aug  6 00:54 snort.conf.old
-r--r--r--  1 root  wheel  53841 Jul 31 14:40 unicode.map

/cf/snort/rules
-rw-r--r--  1 502   502     4718 Aug  4 23:15 attack-responses.rules
-rw-r--r--  1 502   502    13152 Aug  4 23:15 backdoor.rules
-rw-r--r--  1 502   502     3004 Aug  4 23:15 bad-traffic.rules
-rw-r--r--  1 502   502     7151 Aug  4 23:15 chat.rules
-r--r--r--  1 root  wheel   3521 Aug  6 00:24 classification.config
-r--r--r--  1 root  wheel   3521 Aug  4 10:23 classification.config-sample
-rw-r--r--  1 502   502     6774 Aug  4 23:15 ddos.rules
etc.. etc... etc...

Filesystem on CF
Filesystem   Size   Used  Avail Capacity  Mounted on
/dev/md0c     12M    10M   884K    92%    /
procfs       4.1K   4.1K     0B   100%    /proc
/dev/ad0a    124M   9.4M   105M     8%    /cf