[Bro] Host Key Verification Failed
Daniel Thayer
dnthayer at illinois.edu
Wed Aug 3 10:00:18 PDT 2016
BroControl runs the "ifconfig" command, and then tries to read IP
addresses from the output. This might fail depending on which locale
your system is configured to use. Here are two simple workarounds:
1) create a shell script wrapper that sets LANG and runs broctl, or
2) patch the broctl source to set LANG when it runs ifconfig (to do
this, edit $PREFIX/lib/broctl/BroControl/execute.py, where $PREFIX
is your bro install prefix directory, and then look for PATH, and add
LANG=C right before the PATH=...)
These workarounds won't be needed for the next Bro release.
On 8/3/16 11:39 AM, Dane Wullen wrote:
> Hey Daniel,
>
> well it worked. I was able to submit the command "install", "start" and
> "stop", but everytime with LANG=C. How can I avoid that I have to type
> in LANG=C all the time?
>
> Could you explain me what I did wrong or what the command "LANG=C" does?
> Thanks alot. :)
>
> Dane
>
>
> Am 03.08.2016 um 17:03 schrieb Daniel Thayer:
>> Could you try running this command:
>> LANG=C broctl install
>>
>> Let me know if that works or not.
>>
>>
>> On 8/3/16 5:59 AM, Dane Wullen wrote:
>>> Hello there,
>>>
>>> I've tried to install Bro on a Ubuntu 16.04 virtual machine (VirtualBox)
>>> with following guide:
>>>
>>> http://knowm.org/how-to-install-bro-network-security-monitor-on-ubuntu/
>>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__knowm.org_how-2Dto-2Dinstall-2Dbro-2Dnetwork-2Dsecurity-2Dmonitor-2Don-2Dubuntu_&d=CwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=Bi5qPBnY0NmYPqnRTPj_AfXQKpfQTZUpCzpfFBcawv0&m=F34LY1zuKAkgaGWslI2qGRFFNj-ndAVOVzKjRyRPkBw&s=W8GD3LcgP5BwEW7sFEFWEB4wvJ1PGLLf3hXxhQkkqu0&e=>
>>>
>>>
>>> After the installation, I started broctl and tryped "install", but I
>>> reveiced an error message:
>>>
>>> Host key verification failed.
>>> Error: cannot create (some of the) directories
>>> /usr/local/bro,/usr/local/bro/logs,/usr/local/bro/spool,/usr/local/bro/spool/tmp
>>> on node bro
>>>
>>> I want to run Bro on a single machine (so no cluster at all), I
>>> checked the node.cfg, it looks like this:
>>>
>>> [bro]
>>> type=standalone
>>> host=localhost
>>> interface=eth0
>>>
>>> Of course I installed a SSH Server (apt-get install openssh-server), and
>>> successfully connected to my VM with several divices.
>>>
>>> There was a common problem in this Mailing-List, but unfortunatly it
>>> remaind unsolved...
>>>
>>> http://mailman.icsi.berkeley.edu/pipermail/bro/2015-July/008697.html
>>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.icsi.berkeley.edu_pipermail_bro_2015-2DJuly_008697.html&d=CwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=Bi5qPBnY0NmYPqnRTPj_AfXQKpfQTZUpCzpfFBcawv0&m=F34LY1zuKAkgaGWslI2qGRFFNj-ndAVOVzKjRyRPkBw&s=p3paIyqindeHv6mgVDCwer8Qma1k8fx-kDlmi7krhg0&e=>
>>>
>>>
>>> I'm new to linux and bro, also, english is not my native language, so
>>> please forgive me my faults. :)
>>>
>>> I would be glad to hear from you guys!
>>>
>>> Thanks alot!
>>>
>>> brot
>>>
>>>
>>>
>>> _______________________________________________
>>> Bro mailing list
>>> bro at bro-ids.org
>>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>>
>
More information about the Bro
mailing list