Snort mailing list archives
Problems reading dump files
From: Pete Schuyler <peter_schuyler () pyxis sra com>
Date: Tue, 07 Aug 2001 13:29:45 -0400
I am installing Snort 1.8P1 (Build 43) on an analysis station, and am having a problem. I currently log packet captures with tethereal, which has worked fine for some time. Tcpdump reads these files without a problem, as does ethereal. Snort doesn't seem to like the file format, and yields a status output which indicates that it read only 1 "Other" packet, and "received signal 3, exiting". It seems to be parsing the snort.conf correctly, as I get a positive rule count. I have tried upgrading the libpcap to 0.6.2, but that doesn't seem to work as tcpdump still indicates version 0.4. I'm running on RedHat 7.1, kernel 2.4.3-12. I'm sure I'm probably missing something simple, but if someone could help fill in the blanks, it would be much appreciated.

Pete Schuyler

P.S. Congratulations Marty on the new addition. Great class at SANSfire D.C.!!