Snort mailing list archives
Snort NIDS configuration problems
From: Akhil Koul <akhil.koul8 () gmail com>
Date: Sun, 8 May 2016 19:25:56 +0530
I ran into the following error while configuring SNort to run in NIDS mode. I followed the exact procedure as mentioned in the installation guide. 1. Running in Test mode 2. 3. --== Initializing Snort ==-- 4. Initializing Output Plugins! 5. Initializing Preprocessors! 6. Initializing Plug-ins! 7. Parsing Rules file "/etc/snort/snort.conf" 8. PortVar 'HTTP_PORTS' defined : [ 80:81 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000:7001 7144:7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090:9091 9443 9999 11371 34443:34444 41080 50002 55555 ] 9. PortVar 'SHELLCODE_PORTS' defined : [ 0:79 81:65535 ] 10. PortVar 'ORACLE_PORTS' defined : [ 1024:65535 ] 11. PortVar 'SSH_PORTS' defined : [ 22 ] 12. PortVar 'FTP_PORTS' defined : [ 21 2100 3535 ] 13. PortVar 'SIP_PORTS' defined : [ 5060:5061 5600 ] 14. PortVar 'FILE_DATA_PORTS' defined : [ 80:81 110 143 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000:7001 7144:7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090:9091 9443 9999 11371 34443:34444 41080 50002 55555 ] 15. PortVar 'GTP_PORTS' defined : [ 2123 2152 3386 ] 16. Detection: 17. Search-Method = AC-Full-Q 18. Split Any/Any group = enabled 19. Search-Method-Optimizations = enabled 20. Maximum pattern length = 20 21. ERROR: /etc/snort//etc/snort/rules/app-detect.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/app-detect.rules": No such file or directory. 22. 23. Fatal Error, Quitting.. Any help is appreciated. Thanks and Regards Akhil Koul
------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort NIDS configuration problems Akhil Koul (May 08)
- Re: Snort NIDS configuration problems wkitty42 (May 08)