Re: snort-stable-snapshot.tar.gz & snort-daily.tar.gz

[James Hoagland <hoagland () SiliconDefense com>]

At 9:30 AM -0600 5/31/02, Slighter, Tim wrote:
> Have been experiencing strange anomalies with these new builds where 
> the configure --enable-flexresp works fine as does the "make" and 
> "make install".  However, there have been peculiar errors with 
> snortsnarf being able to parse the alert and portscan.log files. 
> The errors that happen pertain to Time::JulianDate and somehow or 
> another the perl script strips the source and destination IP from 
> the output.  I have ran "make distclean" and re-compiled with and 
> without the --enable-flexresp and always come with up with this same 
> behavior.  Sometimes during the un-tar of these files it generates 
> errors about future dates for certain files being off.   Anyone else 
> seen this or found a work-around ?  As a result of these strange 
> errors, have been forced to regress back to the stable 1.86 version.

If you are getting a complaint about Time::JulianDate then you 
probably didn't install the 'include' files that come with SnortSnarf 
in some place that snortsnarf.pl will find them when run.

Regards,

  Jim
--
|*      Jim Hoagland, Associate Researcher, Silicon Defense      *|
|*            --- Silicon Defense: IDS Solutions ---             *|
|*  hoagland () SiliconDefense com, http://www.silicondefense.com/  *|
|*   Voice: (530) 756-7317                 Fax: (530) 756-7297   *|

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users