RE: Snort v1.8 b7 Windows Problems

[Frank Knobbe <FKnobbe () KnobbeITS com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dennis,

this has been fixed a few days ago. The problem was Snort trying to
log to filenames that included a ':' (which designates an alternate
data stream). I believe the guys at Silicon Defense have a newer
executable that includes this fix. You might want to update
Snort(.exe) again.

Regards,
Frank

> -----Original Message-----
> From: Dennis Cooper [mailto:dennisc () kdoc dc state ks us]
> Sent: Wednesday, August 15, 2001 3:39 PM
>
> I have a problem with Snort v1.8 Beta v7 that maybe someone else
> has a solution to...
> I am running Windows 2000 Sp2, & Snort 1.8 Beta 7. 
> Snort loads and runs fine with this startup line (same one I 
> used for quite
> some time with Snort v1.7):
> c:\snort\snort.exe -i2 -Afull -cc:\snort\snort_config.txt 
> -lc:\snort\log -X 
> (All directories exist, and all files are correct and 
> configured for Snort
> v1.8)
>
> What it does not do is log the offending packets correctly in 
> their own
> directories.
> It creates the IP named directory, but the files have no 
> contents. (have a
> zero byte count).
> The Alert.ids file is correctly written though... 
>
> Am I missing something here? 
>
> Thanks!!!
>
> Dennis Cooper, MSST III

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.

iQA/AwUBO3rjj5ytSsEygtEFEQIEGwCg4aSbhN7gq+DJLY8mIZgTYZFlH8QAn1qj
6U6epz2nb5VELpbdGdIXRXRL
=5oQg
-----END PGP SIGNATURE-----

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users