Snort mailing list archives
ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test:
From: Brian Toovey <admin () zionsecure com>
Date: Fri, 19 Dec 2003 20:46:32 -0500
I have seen this posted, but does anybody know the solution yet? (snortcenter) Reload: Current config file error: Running in IDS mode Log directory = /var/log/snort Initializing Network Interface eth0 --== Initializing Snort ==-- Initializing Output Plugins! Decoding Ethernet on interface eth0 Parsing Rules file /snortcenter/rules/snort.eth0.conf +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... Initializing Preprocessors! Initializing Plug-ins! No arguments to frag2 directive, setting defaults to: Fragment timeout: 60 seconds Fragment memory cap: 4194304 bytes Fragment min_ttl: 0 Fragment ttl_limit: 5 Fragment Problems: 0 Self preservation threshold: 500 Self preservation period: 90 Suspend threshold: 1000 Suspend period: 30 Stream4 config: Stateful inspection: ACTIVE Session statistics: INACTIVE Session timeout: 30 seconds Session memory cap: 8388608 bytes State alerts: INACTIVE Evasion alerts: INACTIVE Scan alerts: ACTIVE Log Flushed Streams: INACTIVE MinTTL: 1 TTL Limit: 5 Async Link: 0 State Protection: 0 Self preservation threshold: 50 Self preservation period: 90 Suspend threshold: 200 Suspend period: 30 Stream4_reassemble config: Server reassembly: INACTIVE Client reassembly: ACTIVE Reassembler alerts: ACTIVE Ports: 21 23 25 53 80 110 111 143 513 1433 Emergency Ports: 21 23 25 53 80 110 111 143 513 1433 http_decode arguments: Unicode decoding IIS alternate Unicode decoding IIS double encoding vuln Flip backslash to slash Include additional whitespace separators Ports to decode http on: 80 rpc_decode arguments: Ports to decode RPC on: 111 32771 alert_fragments: INACTIVE alert_large_fragments: ACTIVE alert_incomplete: ACTIVE alert_multiple_requests: ACTIVE telnet_decode arguments: Ports to decode telnet on: 21 23 25 119 database: compiled support for ( mysql ) database: configured to use mysql database: user = snort database: password is set database: database name = snort_log database: host = localhost database: sensor name = 68.209.111.12 database: sensor id = 1 database: schema version = 106 database: using the "log" facility ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Fatal Error, Quitting.. Reload: SIGHUP has not been sent to snort pid! -- Brian Toovey Zion Network Security Manager Product Development 3223 NE 40th St Ft Lauderdale, FL 33308 admin () zionsecure com http://www.zionsecure.com Public PGP Key Server: http://pgpkeys.mit.edu:11371/ Public PGP Key Verify: http://www.zionsecure.com/briantooveygpgpubkey.htm What is all this PGP stuff? Pretty Good Protection... http://www.pgp.com/ http://www.gnupg.org -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.3 (GNU/Linux) mQGiBD/FnwYRBADvgBDsilNzCZQQLApZlee7jZTwICA5gSsyMHW/j5x2EwD2nReU +XjfJc8Un11/Jf4kUiIOlT5EICYWAlgOcaitTHjTiaTsLHu6Yq/GPFkJH9Kcg/Pr RqQg/wkDH1Xua7QXzTmVcdo+Ndkx+3TFotnnutj2m9M+qr2DKcnbE8vaAwCgpve8 o/Bdx9QvmP4KoytO5ASmeGMEAL2YXOv1Qlnb7x+YzYkSOvFWcOdGDe0OKT9e01ap +nlyZR10GkSZ/fB+3R1I7A3IWq/6cZ9vNgedYUjC9WrZKnVc1EdTUxkMn//5cZMq VG8RcIEhxYrCYOS+B4sHny1FHjgabnZg8G3OP4NdJlQoxt7dIbKiEGpJOMkLfZos QFOiBADMy33fh+39L1KeYU3lmpDV87XnwF02CfGqdCgK3EE23flIp+a0WczqsvQm HCPIrzdtLvhY0tGZZIlvEexk97DXSQB245cxrngKmSodKTXUZcHLPvuHu8V0aczf Vo95mEe5pqv13LxWO2+WkB0Vo61PT7mmJ1tQ8MWboDN07NR/ibQ7QnJpYW4gVG9v dmV5IChaaW9uIE5ldHdvcmsgU2VjdXJpdHkpIDxhZG1pbkB6aW9uc2VjdXJlLmNv bT6IYQQTEQIAIQUCP8WfBgUJAE8aAAYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRAX DjIThjF9nlnmAJ0ft5JlgNvH6Y+rA2RUkKPgGcZV/wCfd+UE6h5il6jQfZ1Qw33O hE/6bgC5BA0EP8WfcxAQAOzflpkCbTlbLago/CtNyVq66pKxxMAYjqwgHkax+Pjc dRc1vZP6WIZnHRoVEDQjs1MJtkz4HKQeZHcC/gd2cFjK5N2mfJB2h3g7B7BdQHyP U0qXCL45yPG7ShM23gjf+hZsr/lqufa6WMPzXFg26fnSjqX2RAjx/O0C1j99EuQK RJ90alQtjSy1kZy48nVzhI4ZJKUnKMP7LOIC8QcVY/S49GNQEUpRF6rf2TI2taMu 3f8e0PH1yFeaPBIywJiTQArEO94ommTat5ni1mKSDAnd0wMTMavJ6Urwz0dFzxor KKV4UvLCGBOf0SBMeAcrOy0b/KC28AeAu5k4b3bE5GRk9tSUtt6noqeYGlMn1Ggp SZ7t2ySmi94z9RSneN1U9gh+iL/TJCikKue+kEEk/Nqg8Lu8QNLRUNAWbMqJ/J5s I7MCdC9mFsxEsGgv6LFedE//dOpdHNWd7KSlv/ykX3ZWfv42rJgQDlS1FwVnby0d VJX1afKo2vhffgZs6yEuLtmjQ8DOV1i395YfWkeXNU3xuWwnLtlA06/jDxkoXEVZ HjpwVIOkRRx7IRJ1OrnfPucW37PgmXvgybcspa7E3KfTeq1bv88ysQa79xpn39jR cIPf2XhKVWaQu6F/h/aaWHuWO2exOe2XNEXpgmQdOs9wfnch0HVvf5MjjL2muJ3z AAMFD/9Ug2D/reNxUF8Kb+wSNNoMRmXNHfe4T72Wcqtvn0QTNoLO6qnf7MwnZq/7 6AOU84uKuVxVeXZ9AOPXrQf0oZATQ6bPTsHDP/PaPpMwPZUAIt37L81c2gYFjSTy oaM5gIp2LsOZGmLOaKki0qLA0Mrs/t2r2meG+U+nDCOj5P4GxMLlRZM9+83aYMRj QSbOvtnkSSNzm4YqcRPuu5CP5iwhsCYdgvckwmLbxdn+e+AQtPcyqYFSizXcUIi2 UP4moL8vHu1PSqPqyTR6gb5onz2wPYeEJLDQLN68cnZKxAIWfhNMNcTyeSKpPoFD EnkNC9T4LNYnoIzlRnDZ1WyaXWYa0oNkw5Ye/x7FwR6xOxvbzRhvRsQPq80b7kVO tcbGGfyWyuT5Kim3spnKOHMoD3sF9z8V9wHW78njLaqc7ozEl19/+HPhE2T77Vsx EGwf4e5L04uynax7bwHemxC3lIeu104A44xpVe1cuZx52/BkArzm4RI63OWu2Pl7 JKFXMZhhSmH+urHTYS0qN0Ncp9bR60l3I6zJNR+Qh39zCCpo5Tn+H4UyFJ7bh5m2 5ba+78hbuwQi+6fJQa4Ih+LfLBb56CbaQMPL4NuEHbkUYNmKZvjSbpOGtBGdYtLV /z58NRflI1LTE6RYxUZ3hOS2/z5az5Hdlp6bmuHd9v2OK5o7vohMBBgRAgAMBQI/ xZ9zBQkATxoAAAoJEBcOMhOGMX2eiyMAnA9rhUG0VZklPRazDJES0QKcmTMyAKCl CQCr7zCdYfa4W7RhvOOrMH1l7w== =cwgL -----END PGP PUBLIC KEY BLOCK-----
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Brian Toovey (Dec 19)
- Re: ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Paul Schmehl (Dec 20)
- Re: ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Brian Toovey (Dec 20)
- Re: ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Paul Schmehl (Dec 20)