ports/103257: Missing directory prevents Nepenthes from running out-of-the-box
Richard Bejtlich
taosecurity at gmail.com
Thu Sep 14 09:50:22 UTC 2006
>Number: 103257
>Category: ports
>Synopsis: Missing directory prevents Nepenthes from running out-of-the-box
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Sep 14 09:50:19 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Richard Bejtlich
>Release: 6.1 SECURITY
>Organization:
TaoSecurity
>Environment:
FreeBSD vectra.taosecurity.com 6.1-SECURITY FreeBSD 6.1-SECURITY #0: Mon Aug 28 05:21:08 UTC 2006 root at builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
>Description:
The Nepenthes port almost works out-of-the-box. All that's missing is the /usr/local/var/nepenthes/binaries directory. Without it, Nepenthes dies.
I also noticed /usr/local/etc/nepenthes/nepenthes.conf makes this reference:
hexdump_path "var/nepenthes/hexdumps/";
/usr/local/var/nepenthes/hexdumps doesn't exist.
>How-To-Repeat:
vectra:/root# nepenthes
..edited...
Nepenthes Version 0.1.7
Compiled on FreeBSD/x86 at Sep 13 2006 21:15:02 with g++ 3.4.4 [FreeBSD] 20050518
Started on vectra.taosecurity.com running FreeBSD/i386 release 6.1-SECURITY
[ info mgr ] Loaded Nepenthes Configuration from "/usr/local/etc/nepenthes/nepenthes.conf".
[ info sc module ] Loading signatures from file var/cache/nepenthes/signatures/shellcode-signatures.sc
[ crit mgr submit ] Could not open var/nepenthes/binaries/
No such file or directory
vectra:/root#
vectra:/root# ls /usr/local/var
binaries cache hexdumps log spool
>Fix:
vectra:/root# mkdir -p /usr/local/var/nepenthes/binaries
vectra:/root# nepenthes
..edited...
Nepenthes Version 0.1.7
Compiled on FreeBSD/x86 at Sep 13 2006 21:15:02 with g++ 3.4.4 [FreeBSD] 20050518
Started on vectra.taosecurity.com running FreeBSD/i386 release 6.1-SECURITY
[ info mgr ] Loaded Nepenthes Configuration from "/usr/local/etc/nepenthes/nepenthes.conf".
[ info sc module ] Loading signatures from file var/cache/nepenthes/signatures/shellcode-signatures.sc
[ info mgr ] logfile var/log/nepenthes/nepenthes.log does not exist yet
[ crit mgr ] Compiled without support for capabilities, no way to run capabilities
Alternatively, edit /usr/local/etc/nepenthes/nepenthes.conf
filesdir "var/nepenthes/binaries/";
change to
filesdir "var/binaries/";
The same is true for the hexdumps directory:
hexdump_path "var/nepenthes/hexdumps/";
change to
hexdump_path "var/hexdumps/";
Another solution is to leave the nepenthes.conf file alone and change the directories that are created.
Thank you!
>Release-Note:
>Audit-Trail:
>Unformatted:
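
A preflight check for the problem reported above, as an added example that is not part of the original report or of the Nepenthes port: it reads the filesdir and hexdump_path values from a nepenthes.conf and lists the directories that do not exist. The function name missing_dirs, the scratch tree and the sample config are constructed for illustration; resolving relative paths against the install prefix is an assumption based on the report's mkdir fix.

```shell
#!/bin/sh
# Added example (not from the Nepenthes port): list configured directories
# that do not exist. Only the two keys named in the report are checked.

# missing_dirs CONF BASE
# Prints every filesdir / hexdump_path directory in CONF that is missing.
# Relative values are resolved against BASE (assumption: the install
# prefix, /usr/local in the report).
missing_dirs() {
    conf=$1
    base=$2
    sed -n \
        -e 's/^[[:space:]]*filesdir[[:space:]]*"\([^"]*\)".*/\1/p' \
        -e 's/^[[:space:]]*hexdump_path[[:space:]]*"\([^"]*\)".*/\1/p' \
        "$conf" |
    while IFS= read -r dir; do
        case $dir in
            /*) path=$dir ;;
            *)  path=$base/$dir ;;
        esac
        [ -d "$path" ] || printf '%s\n' "${path%/}"
    done
}

# Constructed demo: a scratch tree that mirrors the layout in the report,
# where var/binaries and var/hexdumps exist but var/nepenthes/* does not.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/var/binaries" "$demo_root/var/hexdumps"
cat > "$demo_root/nepenthes.conf" <<'EOF'
    filesdir        "var/nepenthes/binaries/";
    hexdump_path    "var/nepenthes/hexdumps/";
EOF

echo "Missing before fix:"
missing_dirs "$demo_root/nepenthes.conf" "$demo_root"

# Apply the report's mkdir -p fix to each missing directory, then re-check.
missing_dirs "$demo_root/nepenthes.conf" "$demo_root" |
while IFS= read -r d; do mkdir -p "$d"; done

echo "Missing after fix:"
missing_dirs "$demo_root/nepenthes.conf" "$demo_root"
rm -rf "$demo_root"
```

On a real install the call would be missing_dirs /usr/local/etc/nepenthes/nepenthes.conf /usr/local, run before starting the daemon.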