Snort mailing list archives
Re: Barnyard issue
From: "Atkins, Dwane P" <ATKINSD () uthscsa edu>
Date: Wed, 19 Jan 2011 15:14:13 -0600
Elz, Now that I have downloaded it, can I just untar it and have it complete the update? Or is there something special I need to do? Thanks Dwane -----Original Message----- From: beenph [mailto:beenph () gmail com] Sent: Tuesday, January 18, 2011 1:52 PM To: Atkins, Dwane P Cc: snort-users () lists sourceforge net"; Bhagya Bantwal Subject: Re: [Snort-users] Barnyard issue Update your barnyard to the latest version http://www.securixlive.com/barnyard2/download.php -elz On Tue, Jan 18, 2011 at 2:43 PM, Bhagya Bantwal <bbantwal () sourcefire com> wrote:
Dwane, record type 110 is the new event we added in snort 290 to log the XFF IP and/or GZIP decompressed data. barnyard needs to be updated to read this record type. We have an updated u2spewfoo which reads this record type (along with all other record types) in snort source tree under tools directory. -B On Tue, Jan 18, 2011 at 2:16 PM, Atkins, Dwane P <ATKINSD () uthscsa edu> wrote:After the weekend, I noticed that once again, my snort processes were not running. The devices were available and could be accessed by the Snort process had stopped. So I ran the rc.local executable and on one, when it executed barnyard2, the following error occurred: Opened spool file '/var/log/snort/snort.u2.1294930780' ERROR: Unknown record type read: 110 Fatal Error, Quitting.. Why would it say that? And why does my process stop all the time? Thanks Dwane ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Barnyard issue Atkins, Dwane P (Jan 18)
- Re: Barnyard issue Bhagya Bantwal (Jan 18)
- Re: Barnyard issue beenph (Jan 18)
- Re: Barnyard issue Rich Graves (Jan 19)
- Re: Barnyard issue beenph (Jan 19)
- Re: Barnyard issue Atkins, Dwane P (Jan 19)
- Re: Barnyard issue beenph (Jan 19)
- Re: Barnyard issue beenph (Jan 18)
- Re: Barnyard issue Bhagya Bantwal (Jan 18)