Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort wireless

From: Steffen Pfendtner <steffen () wh-netz de>
Date: Sun, 4 Jul 2004 10:13:35 +0200 (CEST)
I compiled snort-2.1.1 with the wireless patch and it works fine. But now when i want to start snort with the -w option i receive a lot of errors! 
The first and most bad is the following:
ERROR: /etc/rules/wifi.rules(9) => Bad protocol: wifi

But the patch was applied!!!


Seems like it was not.
Have you used configure --enable-wireless ?

Start Snort and look for a message like this:

        --== Initializing Snort ==--
Initializing Output Plugins!
Decoding IEEE 802.11 with PRISM headers on interface eth2
You have to start snort on an interface wich is either one with PRISM or with 802.11b headers. 

Greetings,
Steffen Pfendtner

--
Steffen Pfendtner <steffen () wh-netz de>
GPG Key fingerprint = DF91 11BB 498F 573B 8002  6E0B 3AE3 FF88 EADD B3BC


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com 
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: