Snort mailing list archives

Problems reading dump files


From: Pete Schuyler <peter_schuyler () pyxis sra com>
Date: Tue, 07 Aug 2001 13:29:45 -0400

I am installing Snort 1.8P1 (Build 43) on an analysis station, and am
having a problem. I currently log packet captures with tethereal, which
has worked fine for some time. Tcpdump reads these files without a
problem, as does ethereal. Snort doesn't seem to like the file format,
and yields a status output which indicates that it read only 1 "Other"
packet, and "received signal 3, exiting". It seems to be parsing the
snort.conf correctly, as I get a positive rule count. I have tried
upgrading the libpcap to 0.6.2, but that doesn't seem to work as
tcpdump still indicates version 0.4. I'm running on RedHat 7.1, kernel
2.4.3-12. I'm sure I'm probably missing something simple, but if someone
could help fill in the blanks, it would be much appreciated.

Pete Schuyler

P.S. Congratulations Marty on the new addition. Great class at SANSfire
D.C.!!

