Snort mailing list archives
FW: FW: ERROR: OpenPcap
From: "Michael Steele" <michaels () silicondefense com>
Date: Wed, 19 Jun 2002 14:39:30 -0700
All; I always miss the easy ones! It was not only marked once, but twice! :-) Next.. -Michael -- Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: Mike Balzotti [mailto:mike.balzotti () worldwidepackets com] Sent: Wednesday, June 19, 2002 1:37 PM To: Chris Reid; Michael Steele Subject: RE: [Snort-users] FW: ERROR: OpenPcap Ok yeah that worked. Thanks for the fast reply. I knew it was something stupid that I was doing. Mike -----Original Message----- From: Chris Reid [mailto:chris.reid () codecraftconsultants com] Sent: Wednesday, June 19, 2002 1:23 PM To: Michael Steele; snort-users () lists sourceforge net Cc: Mike Balzotti Subject: Re: [Snort-users] FW: ERROR: OpenPcap Mike, Take a closer look at the command line. There's a space between "Program" and "Files", and another space between "Apache" and "Group". Put the whole path after -l in double quotes. Chris Reid ----- Original Message ----- From: "Michael Steele" <michaels () silicondefense com> To: <snort-users () lists sourceforge net> Sent: Wednesday, June 19, 2002 1:26 PM Subject: [Snort-users] FW: ERROR: OpenPcap
Mike, Use Snort -W to get a list of adapters. Say you only have one adapter, so it should show your adapter in location 1. CD to your snort folder and type Snort -v -i1 and that will allow snort to sniff on adapter 1. After doing this you should see all kinds of traffic in the command window, if not go to your browser and generate some traffic. Let me know how things go. -Michael -- Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: Mike Balzotti [mailto:mike.balzotti () worldwidepackets com] Sent: Wednesday, June 19, 2002 11:41 AM To: michaels () silicondefense com Subject: ERROR: OpenPcap I am trying to install snort from your documentation. Upon testing to make sure it is working I get an error. The test I am running is Snort -c C:\snort\Snort.conf -l C:\Program Files\Apache Group\Apache\htdocs\logs -ix where is x = 1 The snort -v -x1 works fine as far as I can tell. The error I get on the fist is as fallows C:\Snort\Snort -c C:\snort\Snort.conf -l C:\Program Files\Apache Group\Apache\htdocs\logs -ix log directory = C:\Program Initializing Network Interface \ ERROR: OpenPcap() FSM compilation failed: parse error PCAP command: Files\Apache Group\Apache\htdocs\logs -i2 Fatal Error, quitting.. Thanks for your help in this. Mike Balzotti Network Systems Technician II World Wide Packets <http://www.worldwidepackets.com> 1-509-242-9411
------------------------------------------------------------------------ -- --
Bringing you mounds of caffeinated joy >>> http://thinkgeek.com/sf <<< _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
---------------------------------------------------------------------------- Bringing you mounds of caffeinated joy >>> http://thinkgeek.com/sf <<< _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- FW: ERROR: OpenPcap Michael Steele (Jun 19)
- Re: FW: ERROR: OpenPcap Chris Reid (Jun 19)
- <Possible follow-ups>
- FW: FW: ERROR: OpenPcap Michael Steele (Jun 19)
- FW: FW: ERROR: OpenPcap Michael Steele (Jun 19)