Compile problems with SNOT

["Eric Hines" <loki () fatelabs com>]

We are having trouble compiling the latest version of SNOT. Has anyone
seen this before or know what we can do to fix the issue? Is their
another tool that some of you prefer over SNOT? STICK seems out of date
and unsupported. I believe the latest file we saw was updated in 1997.
SNOT seems to be the most recent tool for something remotely close to an
IDS benchmarking tool available.


[root@cvs snot-0.92a]# uname -a

Redhat 8.0
Linux testbed.appliedwatch.com 2.4.18-14 #1 Wed Sep 4 12:13:11 EDT 2002
i686 athlon i386 GNU/Linux

[root@testbed snot-0.92a]# make
cc `sh /usr/bin/libnet-config --defines` -c -o snot_parse_rules.o
snot_parse_rules.c
snot_parse_rules.c: In function `parse_rules':
snot_parse_rules.c:894: `LIBNET_PACKET' undeclared (first use in this
function)
snot_parse_rules.c:894: (Each undeclared identifier is reported only
once
snot_parse_rules.c:894: for each function it appears in.)
snot_parse_rules.c:1510:21: warning: no newline at end of file
make: *** [snot_parse_rules.o] Error 1

[root@testbed snot-0.92a]#


Regards,

Eric Hines
CEO, Chairman

===============================================

Eric Hines
CEO, Chairman
Applied Watch Technologies, Inc.
eric.hines () appliedwatch com
-----------------------------------------------
Corporate Headquarters
1650 Carlemont Dr. 
Suite D 
Crystal Lake, IL. 60014 
-----------------------------------------------
Direct Toll Free: (877) 262-7593 (x327)
Fax: (815) 425-2173 
-----------------------------------------------
Main Switchboard: (877) 262-7593 (9am-5pm CST)
Commercial Sales: (877) 262-7593 (opt1)
Government Sales: (877) 262-7593 (opt2)

===============================================


-----Original Message-----
From: Brian [mailto:bmc () snort org] 
Sent: Friday, July 18, 2003 12:50 PM
To: Compton, Rich
Cc: 'snort-sigs () lists sourceforge net';
Snort-users () lists sourceforge net
Subject: [Snort-sigs] Re: [Snort-users] Suggested Sig for Cisco DOS
Vulnerability


FYI, we've released "official" sigs for the cisco DOS.  I've been
informed that Sourceforge's anoncvs server is 24 hours behind the cvs
server we (the developers) commit to.

alert ip any any -> any any (msg:"BAD-TRAFFIC IP Proto 53 (SWIPE)";
ip_proto:53; reference:bugtraq,8211; reference:cve,CAN-2003-0567;
classtype:non-standard-protocol; sid:2186; rev:1;) alert ip any any ->
any any (msg:"BAD-TRAFFIC IP Proto 55 (IP Mobility)"; ip_proto:55;
reference:bugtraq,8211; reference:cve,CAN-2003-0567;
classtype:non-standard-protocol; sid:2187; rev:1;) alert ip any any ->
any any (msg:"BAD-TRAFFIC IP Proto 77 (Sun ND)"; ip_proto:77;
reference:bugtraq,8211; reference:cve,CAN-2003-0567;
classtype:non-standard-protocol; sid:2188; rev:1;) alert ip any any ->
any any (msg:"BAD-TRAFFIC IP Proto 103 (PIM)"; ip_proto:103;
reference:bugtraq,8211; reference:cve,CAN-2003-0567;
classtype:non-standard-protocol; sid:2189; rev:1;)

-brian


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs




-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users