[Snort-Users] Patching Snort with SnortSAM

[Daniél Haslinger <daniel.haslinger () rotheneder com>]

Hi ..

I've sent this message in error directly to frank knobbe before,
please forgive me :)

There's a problem here while patching snort with snortsam..

this is what I do - and the problem too...:
----------------------------------------------------------
# ./patchsnort.sh ../../        (my snort sources are two directories higher..)
Patching Snort version 2.0...
  Looks like a unified context diff.
File to patch: _
----------------------------------------------------------

here it wants me to give input - but I don't know what and I couldn't find it 
in any howto on the snortsam webpage,
on howto's which describe how to do the patch-work there is no need to 
enter information like the systems asks here ...

My environment:

snort Version 2.02 (it didn't work out on 2 and 2.01 too to get further than now..)
actual SnortSam release
Sun Solaris 8 (5.8 on an ultra-sparc)

it would be GREAT if ya could help me!..
many thanks,
Daniél


     Daniél Haslinger
      Security & Engineering 

--------------------------------------------------------------------------------

      :: Rotheneder GmbH Schillerplatz 1 - A 3100 St.Pölten 
      :: eMail daniel.haslinger () rotheneder com 
      :: website http://www.rotheneder.com 

  ----- Original Message ----- 
  From: snort () van-wijnen net 
  To: 'John Hally' ; snort-users () lists sourceforge net 
  Sent: Wednesday, October 15, 2003 10:58 PM
  Subject: RE: [Snort-users] byte_test and Snortcenter


  Hi John,

  It's a bug in snortcenter with rule 1882.
  Have a look at this previous post: (search google on snortcenter
  byte_test)
  http://groups.google.com/groups?q=snortcenter+byte_test&start=10&hl=nl&l
  r=&ie=UTF-8&oe=UTF-8&selm=bef4ej%241itj%241%40FreeBSD.csie.NCTU.edu.tw&r
  num=12

  This explains how to solve the problem.

  Cheers,
  Rick.



  -----Oorspronkelijk bericht-----
  Van: snort-users-admin () lists sourceforge net
  [mailto:snort-users-admin () lists sourceforge net] Namens John Hally
  Verzonden: dinsdag 14 oktober 2003 22:28
  Aan: 'snort-users () lists sourceforge net'
  Onderwerp: [Snort-users] byte_test and Snortcenter

  Hello,

  I just installed snort-2.0.2 along with snortcenter.  I updated the
  snort-sigs from the internet and push the rules fine, but when I try
  restarting the sensor, it fails because of the byte_test operator.  Why
  would v2.0.2 not accept the byte_test operator?  Has anyone else run
  into
  this?

  Thanks in advance!

  John Hally


  -------------------------------------------------------
  This SF.net email is sponsored by: SF.net Giveback Program.
  SourceForge.net hosts over 70,000 Open Source Projects.
  See the people who have HELPED US provide better services:
  Click here: http://sourceforge.net/supporters.php
  _______________________________________________
  Snort-users mailing list
  Snort-users () lists sourceforge net
  Go to this URL to change user options or unsubscribe:
  https://lists.sourceforge.net/lists/listinfo/snort-users
  Snort-users list archive:
  http://www.geocrawler.com/redir-sf.php3?list=snort-users




  -------------------------------------------------------
  This SF.net email is sponsored by: SF.net Giveback Program.
  SourceForge.net hosts over 70,000 Open Source Projects.
  See the people who have HELPED US provide better services:
  Click here: http://sourceforge.net/supporters.php
  _______________________________________________
  Snort-users mailing list
  Snort-users () lists sourceforge net
  Go to this URL to change user options or unsubscribe:
  https://lists.sourceforge.net/lists/listinfo/snort-users
  Snort-users list archive:
  http://www.geocrawler.com/redir-sf.php3?list=snort-users