Snort mailing list archives
RE: Help on this error
From: "Michael Steele" <michaels () silicondefense com>
Date: Thu, 24 Oct 2002 08:47:05 -0700
Hector, Ok, Now start adding, try: Snort -c c:\snort\snort.conf -l c:\snort\logs -i3 Note: the -l in the above line is a lower case L Make sure that an actual logs folder exists in c:\snort\ and change any of the paths to fit your setup. If your still getting errors, send me a cut and past of any errors you get. Also do a snort -V and cut and past that info. Also send me your snort.conf file. -Michael -- Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: hgonzalez () mcanet net [mailto:hgonzalez () mcanet net] Sent: Thursday, October 24, 2002 8:21 AM To: Michael Steele Subject: RE: Help on this error Ok, and I also tried "snort -v -i3" and I can see packets flying through. Hector Gonzalez Network Specialist City of McAllen, Tx 78501 (956) 972-7172 hgonzalez () mcanet net |---------+-----------------------------> | | "Michael Steele" | | | <michaels@silicond| | | efense.com> | | | | | | 10/24/2002 10:13 | | | AM | | | | |---------+----------------------------->
-----------------------------------------------------------------------
-------------------------------------------------------| | | | To: "'Hector Gonzalez'" <hgonzalez () mcanet net> | | cc: | | Subject: RE: Help on this error |
-----------------------------------------------------------------------
-------------------------------------------------------| Hector, Try a "snort -v" -Michael -- Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: Hector Gonzalez [mailto:hgonzalez () mcanet net] Sent: Thursday, October 24, 2002 8:16 AM To: michaels () silicondefense com Subject: Help on this error C:\Snort>Snort -c C:\snort\snort.conf -I C:\inetpub\wwwroot\logs -i Log directory = log Initializing Network Interface \ WARNING: OpenPcap() device \Device\Packet_NdisWanIp network lookup: The operation completed successfully. ERROR: OpenPcap() FSM compilation failed: illegal char 'C' PCAP command: C:\inetpub\wwwroot\logs -i3 Fatal Error, Quitting.. Above is the error that I am getting. I am using Win2k Server and I am new to using Snort. The directory "logs" exist in the appropriate directory as stated by your documentation. Could you please assist me on this. If I execute the command as follows "Snort -c C:\snort\snort.conf -I" an "alert.ids" file is create under the directory c:\snort\log. Thanks in advance. ------------------------------------------------------- This sf.net email is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ad.doubleclick.net/clk;4729346;7592162;s?http://www.sun.com/javavote _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Help on this error Michael Steele (Oct 24)