Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Problems Snort and Windows XP

From: "Steven Watts" <stewatts () hotmail com>
Date: Thu, 28 Oct 2004 17:19:21 +0100
Hi
I have reverted to version 3.0 of WINPCAP and I am using the latest binary from snort.org but now I am getting: 

C:\Snort>snort -v

       --== Initializing Snort ==--

Initializing Network Interface
ERROR: OpenPcap() device  open:
       Error opening adapter
I am also running VMWARE on this machine (although snort executes on the "real machine") wasn't sure if this would affect the network setup as it now has virtual network devices for VMware 

Any ideas?

Thanks


From: "Chris Reid" <chris.reid () codecraftconsultants com>
Reply-To: chris.reid () codecraftconsultants com
To: "Steven Watts" <stewatts () hotmail com>
CC: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Problems Snort and Windows XP
Date: Mon, 25 Oct 2004 11:31:17 -0600 (MDT)
MIME-Version: 1.0
Received: from mc11-f9.hotmail.com ([65.54.167.16]) by mc11-s18.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Mon, 25 Oct 2004 11:57:51 -0700 Received: from sc8-sf-uberspam1.sourceforge.net ([66.35.250.206]) by mc11-f9.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Mon, 25 Oct 2004 11:57:50 -0700 Received: from projects.sourceforge.net (sc8-sf-list1-b.sourceforge.net [10.3.1.7])by sc8-sf-uberspam1.sourceforge.net (Postfix) with ESMTPid BECF91D2F65; Mon, 25 Oct 2004 10:32:12 -0700 (PDT) Received: from sc8-sf-mx1-b.sourceforge.net ([10.3.1.11] helo=sc8-sf-mx1.sourceforge.net)by sc8-sf-list1.sourceforge.net with esmtp (Exim 4.30)id 1CM8gp-0006Hc-Uwfor snort-users () lists sourceforge net; Mon, 25 Oct 2004 10:31:27 -0700 Received: from dsl-edgt-66-18-199-34-cgy.nucleus.com([66.18.199.34] helo=toronto.codecraftconsultants.com ident=nxe5jb02pohzsyglmwwq)by sc8-sf-mx1.sourceforge.net with esmtp (TLSv1:AES256-SHA:256)(Exim 4.41)id 1CM8go-0006SL-Oafor snort-users () lists sourceforge net; Mon, 25 Oct 2004 10:31:27 -0700 Received: from toronto.codecraftconsultants.com (IDENT:jxtoehdgdsdymj3ncus3 () localhost codecraftconsultants com [IPv6:::1])by toronto.codecraftconsultants.com (8.12.9/8.12.9) with ESMTP id i9PHVHfv016720;Mon, 25 Oct 2004 11:31:18 -0600 (MDT) Received: (from www@localhost)by toronto.codecraftconsultants.com (8.12.9/8.12.9/Submit) id i9PHVH6k009584;Mon, 25 Oct 2004 11:31:17 -0600 (MDT) Received: from 66.46.120.133 (SquirrelMail authenticated user chris); by webmail.codecraftconsultants.com with HTTP; Mon, 25 Oct 2004 11:31:17 -0600 (MDT) 
X-Message-Info: 0jbW5ANosZJmSZkGtX6Uhi34uFNyiR7g
X-Authentication-Warning: toronto.codecraftconsultants.com: www set sender to chris.reid () codecraftconsultants com using -f 
Message-ID: <14978.66.46.120.133.1098725477.squirrel@66.46.120.133>
In-Reply-To: <BAY9-F41bg5XmllgYBr00000fa6 () hotmail com>
References: <BAY9-F41bg5XmllgYBr00000fa6 () hotmail com>
User-Agent: SquirrelMail/1.4.3a
X-Mailer: SquirrelMail/1.4.3a
X-Spam-Score: 0.1 (/)
X-Spam-Report: Spam Filtering performed by sourceforge.net.See http://spamassassin.org/tag/ for more details.Report problems to http://sf.net/tracker/?func=add&group_id=1&atid=2000010.0 SF_CHICKENPOX_SLASH BODY: Text interparsed with /0.0 SF_CHICKENPOX_MINUS BODY: Text interparsed with -0.0 SF_CHICKENPOX_BACKSLASH BODY: Text interparsed with \0.0 SF_CHICKENPOX_APOSTROPHE BODY: Text interparsed with '0.0 SF_CHICKENPOX_PERIOD BODY: Text interparsed with .0.0 SF_CHICKENPOX_UNDERSCORE BODY: Text interparsed with _ 
Errors-To: snort-users-admin () lists sourceforge net
X-BeenThere: snort-users () lists sourceforge net
X-Mailman-Version: 2.0.9-sf.net
Precedence: bulk
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>,<mailto:snort-users-request () lists sourceforge net?subject=unsubscribe> List-Id: Snort users talk about... Snort! <snort-users.lists.sourceforge.net> 
List-Post: <mailto:snort-users () lists sourceforge net>
List-Help: <mailto:snort-users-request () lists sourceforge net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>,<mailto:snort-users-request () lists sourceforge net?subject=subscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=snort-users> 
X-Original-Date: Mon, 25 Oct 2004 11:31:17 -0600 (MDT)
Return-Path: snort-users-admin () lists sourceforge net
X-OriginalArrivalTime: 25 Oct 2004 18:57:50.0966 (UTC) FILETIME=[86B63160:01C4BAC4] 

Steven,

Snort 1.7 is quite dated compared to the current stable version.  Unless
you have a compelling reason not to, I would suggest downloading the 2.2
version for Windows from the snort.org website and try that one instead.

Chris Reid


> Hi Guys
>
> I have come to use Snort for the first time and I can't get it to work. I 
> am using XP SP2 and I have downloaded the binary from:
> http://download.datanerds.net/binaries/snort-1.7-win32-static.zip
>
> I have have kept all the default settings and when I run snort -v, I get: 
>
>         --== Initializing Snort ==--
>
> Initializing Network Interface
> \Device\NPF_GenericNdisWanAdapter\Device\NPF_{A39
> 55445-5C9F-446B-9101-ADF5DF55692D}\Device\NPF_{3043B94A-6935-45DC-8B78-5F6ABC 
>
> Then I get a windows error saying "Snort has encountered a problem and
> needs to close"
>
> Can anyone help?
>
> Thanks in advance
>



-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_________________________________________________________________
Want to block unwanted pop-ups? Download the free MSN Toolbar now! http://toolbar.msn.co.uk/ 



-------------------------------------------------------
This Newsletter Sponsored by: Macrovision For reliable Linux application installations, use the industry's leading setup authoring tool, InstallShield X. Learn more and evaluate today. http://clk.atdmt.com/MSI/go/ins0030000001msi/direct/01/ 
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: