Snort mailing list archives

Snort NIDS configuration problems


From: Akhil Koul <akhil.koul8 () gmail com>
Date: Sun, 8 May 2016 19:25:56 +0530

I ran into the following error while configuring Snort to run in NIDS mode.
I followed the exact procedure as mentioned in the installation guide.


    Running in Test mode

            --== Initializing Snort ==--
    Initializing Output Plugins!
    Initializing Preprocessors!
    Initializing Plug-ins!
    Parsing Rules file "/etc/snort/snort.conf"
    PortVar 'HTTP_PORTS' defined :  [ 80:81 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000:7001 7144:7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090:9091 9443 9999 11371 34443:34444 41080 50002 55555 ]
    PortVar 'SHELLCODE_PORTS' defined :  [ 0:79 81:65535 ]
    PortVar 'ORACLE_PORTS' defined :  [ 1024:65535 ]
    PortVar 'SSH_PORTS' defined :  [ 22 ]
    PortVar 'FTP_PORTS' defined :  [ 21 2100 3535 ]
    PortVar 'SIP_PORTS' defined :  [ 5060:5061 5600 ]
    PortVar 'FILE_DATA_PORTS' defined :  [ 80:81 110 143 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000:7001 7144:7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090:9091 9443 9999 11371 34443:34444 41080 50002 55555 ]
    PortVar 'GTP_PORTS' defined :  [ 2123 2152 3386 ]
    Detection:
       Search-Method = AC-Full-Q
        Split Any/Any group = enabled
        Search-Method-Optimizations = enabled
        Maximum pattern length = 20
    ERROR: /etc/snort//etc/snort/rules/app-detect.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/app-detect.rules": No such file or directory.

    Fatal Error, Quitting..


Any help is appreciated.

Thanks and Regards
Akhil Koul