Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort WIN32 2.0.0B (B45) Problems (& Solutions)

From: "Nicole Nicholson" <nanicholson () hotmail com>
Date: Tue, 24 Dec 2002 10:41:02 -0800

Merry Christmas!
I'm stuck here at work, so I thought I'd try to get the latest Win32 build of Snort working and ran into a few problems. Here's what I managed to fix and what's still not working. Anyone got any suggestions? 

Snort Build: 2.0.0 Beta (Build 45) 12/23/02
StdDB & Win32 Service Support
(codecraftconsultants.com)
Test OS: W2K SP3

Problems Discovered & Resolved:
-------------------------------
(1) Incorrect (missing) configuration path in snort.conf. Change snort.conf to something like: 


# Path to your rules files (this can be a relative path)
var RULE_PATH ../rules
var CONFIG_PATH ../etc

....

# Include classification & priority settings
#

include $CONFIG_PATH/classification.config

#
# Include reference systems
#

include $CONFIG_PATH/reference.config
(2) "-E" (Log to Win32 Event Viewer) switch doesn't work properly. Causes snort to think it needs a syslog server. Didn't have time to look at the source, so I just dropped the flag for now. 

Still Unresolved:
-----------------
(1) Can't execute as service. /SERVICE /INSTALL works fine, but then when I try to start the service, I get: "Process terminated unexpectedly". Running on command line seems to work okay. (I had this same problem with 1.9, too.) 

Gonna try to duck out of the office now!  Back on Thursday... :(

Cheers.

-Nicole




_________________________________________________________________
MSN 8 with e-mail virus protection service: 3 months FREE*. http://join.msn.com/?page=features/virus&xAPID=42&PS=47575&PI=7324&DI=7474&SU= http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_eliminateviruses_3mf 



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: