Snort mailing list archives

Problem with Snort 2.0.4 and Snort Rules


From: "Mark Ewert" <mewert () ihcis com>
Date: Tue, 18 Nov 2003 11:54:25 -0500

Greetings,
 
I'm having a strange problem with Snort 2.0.4 and the latest rules. When
I execute Snort I get the following messages in /var/log/messages. I'm
running Snort 2.0.4 with Phil Wood's Ring PCAP library. Anyone have any
ideas?
 
THANKS!
 
Mark
 
Warning: /etc/snort/snort_eth0/exploit.rules(39) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/exploit.rules(39) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/exploit.rules(41) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/exploit.rules(41) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(6) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(6) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(7) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(7) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(8) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(8) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(9) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(9) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(10) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(10) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(11) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(11) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(12) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(12) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(14) => Unknown keyword 'isdataat' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(14) => Unknown keyword 'pcre' in rule!
Warning: /etc/snort/snort_eth0/ftp.rules(15) => Unknown keyword 'isdataat' in rule!

NOTE: this repeats for about 100+ rules.

---------------------------------------------

Mark F. Ewert, Principal Systems Architect

Integrated Healthcare Information Services

www.ihcis.com <http://www.ihcis.com/> 

 

 
