Re: ERROR: OpenPcap() device

[Matt Kettler <mkettler () evi-inc com>]

At 06:50 PM 12/2/2004, Marvin Cummings wrote:
> First time post so please bear with me if I'm in the wrong place. I'm
> using the Installing a complete IDS using the IIS 5/6 Webserver
> located at winsnort.com and get this error when attempting to test the
> configuration. I have snort ver2_1_1 and WinPcap ver3.0 installed onto
> this w2k3 server. This is what I've done so far:
> >From the command prompt:
>
> D:\Applications\Snort\bin>snort -v -ix
> Running in packet dump mode
> Log directory = log
>
> Initializing Network Interface x»
> ERROR: OpenPcap() device x» open:
> Error opening adapter: The system cannot find the file specified.
> Fatal Error, Quitting..

-i expects a network interface name, or number that snort should use to 
listen on. In this case, x isn't a valid network adapter in your system. 
(not surprising)

(Advice from here down is win32 specific, unix users ignore:)

On windows, usually 1 or 2 is the adapter you want. So you'd use -i 2 not -ix

From a command line, you can run snort -W to list all the valid interfaces 
on the system, and what number they are. You should get output similar to 
what windump -D does:

1.\Device\NPF_GenericNdisWanAdapter (Generic NdisWan adapter)
2.\Device\NPF_{7BAC7A38-7285-42D7-AEC7-2ECE8C0999E2} (Intel(R) PRO/100+ 
Management Adapter (Microsoft's Packet Scheduler) )





-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users