Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: error message trying to set up Snort for Window s

From: "Uhte, Russ" <RussU () RP-L com>
Date: Mon, 16 Sep 2002 10:47:25 -0500
Just a shot in the dark, but did you install the latest stable version of
winPcap??
-Russ

-----Original Message-----
From: Richard Muniz [mailto:rmuniz () birnerdental com] 
Sent: Monday, September 16, 2002 10:18 AM
To: 'snort-users () lists sourceforge net'
Subject: [Snort-users] error message trying to set up Snort for Windows


hi Everyone,
 
I've been trying to set Snort 1.8.7b121 (Win32 Binary) release on a Windows
2000 Server, Svc pak 3.  I downloaded all the software as per the
instructions posted at
www.silicondefense.com/techsupport/winsnortsnarf-iis_1.8.7.htm
<http://www.silicondefense.com/techsupport/winsnortsnarf-iis_1.8.7.htm> ,
and followed the instructions closely.  The only difference between what I
did vs. the instructions is that I used winZIP rather that WinRAR to
decompress my files.  
 
So far, so good.Now, here's where I run into a problem.  When it comes to
testing snort, I run it, and it's seeing traffic.  Then at the snort command
prompt, I type in Snort -c C:\snort\snort.con -I C:\inetpub\wwwroot\logs -i1
(1 being my adaptor).  I shouldn't be getting this, but I get an error
message that says the following:
 
C:\snort\snort -c C:\snort\snort.conf -I C:\inetpub\wwwroot\logs -I1
Log Directory = log
 
Initializing Network Interface \
ERROR: OpenPcap<> FSM Compilation Failed
                Illegal char 'C'
PCAP command: C:\inetpub\wwwroot\logs -i1
Fatal Error, Quitting..
 
I've uninstalled, reinstalled, double and triple checked to ensure I'm
running the correct version, even downloaded the software again after having
uninstalled the old, and tried whole new copies.  Here, this is supposed to
generate a file called alert.ids under C:\inetpub\wwwroot\logs, but it
doesn't generate anything.  
 
Anybody ever ran into this, and if so what did you do to solve the problem?
 
Appreciate any assistance.
 
Rich



---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---
Previous By Date Next
Previous By Thread Next

Current thread: