Snort mailing list archives
Warning with Snortrules-current
From: "sam" <s.wun () thales-is com hk>
Date: Sat, 30 Nov 2002 12:44:37 +0800
hi, After updated the snort rules with current rule set, I got the following warnign message: Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(78) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(79) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(91) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(91) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(92) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(92) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(93) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(93) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(93) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(94) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(94) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(94) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(100) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(101) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(109) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(109) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(110) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(110) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(111) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(111) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(112) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(112) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(132) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(132) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(143) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(143) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(144) => Unknown keyword 'byte_jump' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/rpc.rules(144) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/misc.rules(44) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/misc.rules(45) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/imap.rules(9) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/imap.rules(10) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/imap.rules(11) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Warning: /root/snort-1.9.0/etc/../rules/imap.rules(12) => Unknown keyword 'byte_test' in rule! Nov 30 12:42:42 dev3 snort: Snort initialization completed successfully, Snort running do I need to install snort 2.0 to stop the warning? Thanks sam ------------------------------------------------------- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort logs start/stop not to syslog Security Dude (Nov 27)
- <Possible follow-ups>
- Re: snort logs start/stop not to syslog aaron g (Nov 27)
- Warning with Snortrules-current sam (Nov 29)
- Re: Warning with Snortrules-current Jens Krabbenhoeft (Nov 30)
- Warning with Snortrules-current sam (Nov 29)