Win2K OpenPcap Probs

[Brad Plies <maliki () mail utexas edu>]

I, like some others, am having problems with using
idscenter.  The error is:

Message:
  |> IDScenter test console <|
  -- Press ENTER after checking Snorts output --
  Log directory = log

  Initializing Network Interface \
  ERROR: OpenPcap() FSM compilation failed:
  syntax error
  PCAP command: Files\Sourcefire\Snort\snort.conf -l C:\Program

And not like the message on the FAQ:
  ERROR: OpenPcap() device open:
  Error opening adapter

Nonetheless I re-installed OpenPcap to be sure, no success.

Running snort in console mode kinda-sorta works, meaning
it doesn't get auto-killed but I didn't pick up any
activity in the alert file and only a small statistic
on # of received ARP packets.  Oh, and some kind of
OpenPcap statistics error happens when you're shutting
down snort.  I'll copy/paste that error another time.

My questions are:
Does idscenter extend snort's functionality in any way, besides
the GUI?  If I configure snort through idscenter and run it
in console mode, will it still behave identically?  Does
anyone know how to get idscenter to work under Win2K who
have had this error at one time?

Thanks in advance,
Brad




_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users