RE: W2K snort launch & halt

["Serge Jorgensen" <lists () usinfosec com>]

I've run through the available interfaces - no luck. -i2 seems to point to
the NIC, but running give the same problem. 

 

I was originally thinking that there was a compilation problem too so I just
grabbed a binary and installed that - same result.

 

 

 

-----Original Message-----
From: Hicks, John [mailto:JHicks () JUSTICE GC CA] 
Sent: Wednesday, December 11, 2002 2:53 PM
To: 'Serge Jorgensen'; Snort Users (E-mail)
Subject: RE: [Snort-users] W2K snort launch & halt

 

That sounds like you enabled Snort Statistics for Unix when you compililed
it...


John

-----Original Message-----
From: Serge Jorgensen [mailto:lists () usinfosec com]
Sent: Wednesday, December 11, 2002 2:03 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] W2K snort launch & halt

I just ran into a problem with a Snort install on a clean W2K box -
everything seems to install fine (using WinPcap 2.3 and Snort 1.9), but on
even a basic snort -d -e -v I get an initial "Initializing.", then a
"Warning: OpenPcap() device \Device\Packet_NdisWanIp network lookup:" which
says it completes successfully, initializing snort, and the version
information. then nothing. I can Ctrl-C out of it, which gives the Snort
analyzed 0 out of 0 packets, and ends with a 

Pcap_loop: read error: PacketReceivePacket failedpcapstats: PacketGetStats
error

 

Haven't seen this before - would appreciate any thoughts. Thanks.

 

Serge