Re: how to update snort

[Joel Esler <jesler () sourcefire com>]

We recommend the use of PulledPork for rule management, and we write our detection with the features of pulledpork in 
mind.

J

On Nov 21, 2011, at 3:55 PM, codeforfun wrote:

> Where should i extract the snort-snapshot compressed file to?
>
> I have downloaded the latest rule set from the website and now want to 
> update my local copy.
>
>
> codeforfun
>
>
>
>
> On 15/11/2011 23:02, acv wrote:
> > Hi,
> >
> > Sounds like your wireless device does not support promiscuous mode. Try using
> > WinDump on the interface, if it fails to, you'll know that it's the hardware
> > (and/or drivers) and not snort.
> >
> > Alex
> >
> > On Tue, Nov 15, 2011 at 10:03:34PM +0000, codeforfun wrote:
> > > Date: Tue, 15 Nov 2011 22:03:34 +0000
> > > From: codeforfun<codeforfun () gawab com>
> > > To: snort-users () lists sourceforge net
> > > Subject: [Snort-users] snort wireless card "ERROR: Can't start DAQ (-1) - ê!î???!"
> > >
> > > I have installed snort and have it running fine with my wired interface.
> > >
> > > But when i try to run snort with my wireless card i get this error
> > > "ERROR: Can't start DAQ (-1) - ê!î???!"
> > >
> > > Could someone please help point me in the right direction?
> > >
> > >
> > >
> > > Full Error Message:
> > >
> > > Initializing Output Plugins!
> > > pcap DAQ configured to passive.
> > > Acquiring network traffic from
> > > "\Device\NPF_{########-####-####-############}".
> > > ERROR: Can't start DAQ (-1) - ê!î???!
> > > Fatal Error, Quitting..
> > >
> > >
> > >
> > > Version information:
> > >
> > > Snort Version 2.9.1.2-ODBC-MySQL-WIN32 IPv6 GRE (Build 84)
> > > Using PCRE version: 8.10 2010-06-25
> > > Using ZLIB version: 1.2.3
> > > WinPcap 4.1.2
> > >
> > >
> > > --
> > > codeforfun
> > >
> > > ------------------------------------------------------------------------------
> > > RSA(R) Conference 2012
> > > Save $700 by Nov 18
> > > Register now
> > > http://p.sf.net/sfu/rsa-sfdev2dev1
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users () lists sourceforge net
> > > Go to this URL to change user options or unsubscribe:
> > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > >
> > > Please visit http://blog.snort.org to stay current on all the latest Snort news!
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure 
> contains a definitive record of customers, application performance, 
> security threats, fraudulent activity, and more. Splunk takes this 
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!


------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!