Snort mailing list archives
Re: snort new ruleset and vision rules
From: Michael Boman <michael () ayeka dyndns org>
Date: Sat, 25 Aug 2001 00:28:23 +0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday 25 August 2001 00:03, Liam burke wrote:
Whenever I try to load snort using the snort's ruleset and vision.rules it won't start. <snip of snort.conf> include vision.rules <snd snip> messages from syslog - Aug 24 16:54:40 engarde snort: Initializing daemon mode Aug 24 16:54:41 engarde kernel: eth0: Setting promiscuous mode. Aug 24 16:54:41 engarde kernel: device eth0 entered promiscuous mode Aug 24 16:54:41 engarde snortd: snort startup succeeded Aug 24 16:54:42 engarde kernel: device eth0 left promiscuous mode and that's all. Any ideas? LB
What about giving us the output from: # /path/to/snort -T -c /path/to/snort.conf (any other options you are using) and # cat /path/to/snort.conf | grep -v ^# | grep -v ^$ That would make the whole thing easier to track down, with the current information we can't do anything. and please, include your snort version. Best regards Michael Boman - -- There is no such thing as a system that is secure out of the box. Tim [Timothy M. Mullen, CIO of AnchorIS.Com] claimed earlier this morning that he had found one at WalMart the other day that was secure out of the box, but as it turns out that was a Nintendo. - -- Jesper M Johansson, Ph.D. Assistant Professor of Information Systems at Boston University - during a SANS audio broadcast -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7hoCtjD4u/xp0yJcRAgYOAJ9YmxIVzYEjMNJ1WIzSOQUnrqSeZgCeMjv5 uscHcZVkurlpzAJ5v6szt0c= =h6Cs -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort new ruleset and vision rules Liam burke (Aug 24)
- Re: snort new ruleset and vision rules Michael Boman (Aug 24)
- <Possible follow-ups>
- RE: snort new ruleset and vision rules Liam burke (Aug 24)
- Re: snort new ruleset and vision rules Michael Boman (Aug 24)
- RE: snort new ruleset and vision rules Jason Long (Aug 24)
- RE: snort new ruleset and vision rules william . c . gercken (Aug 24)