Snort mailing list archives
Re: Snort wireless
From: Steffen Pfendtner <steffen () wh-netz de>
Date: Sun, 4 Jul 2004 10:13:35 +0200 (CEST)
I compiled snort-2.1.1 with the wireless patch and it works fine. But now when i want to start snort with the -w option i receive a lot of errors!The first and most bad is the following: ERROR: /etc/rules/wifi.rules(9) => Bad protocol: wifi But the patch was applied!!!
Seems like it was not. Have you used configure --enable-wireless ? Start Snort and look for a message like this: --== Initializing Snort ==-- Initializing Output Plugins! Decoding IEEE 802.11 with PRISM headers on interface eth2You have to start snort on an interface wich is either one with PRISM or with 802.11b headers.
Greetings, Steffen Pfendtner -- Steffen Pfendtner <steffen () wh-netz de> GPG Key fingerprint = DF91 11BB 498F 573B 8002 6E0B 3AE3 FF88 EADD B3BC ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training.Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Snort wireless security (Jul 01)
- <Possible follow-ups>
- Re: Snort wireless Steffen Pfendtner (Jul 04)
- Snort Wireless Razia Mir (Jul 28)