Snort mailing list archives
Re: seek help for installation for snort2.8
From: Ryan Jordan <ryan.jordan () sourcefire com>
Date: Sat, 23 Jan 2010 12:43:42 -0500
It sounds like you're still using your old snort.conf file. "flow" has been deprecated for some time, and we finally removed it from Snort. Use Stream5 instead. When you upgrade Snort, you should start with the new snort.conf file and make changes to fit your preferences. -Ryan On Fri, Jan 22, 2010 at 10:12 PM, bai haoquan <baihaoquan () gmail com> wrote:
Hi Ryan, I did "make uninstall" in the snort directory, and then delete the /usr/local/snort/, but when I install the snort-2.8.5.2, also failed: .... Portscan Detection Config: Detect Protocols: TCP UDP ICMP IP Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan Sensitivity Level: Low Memcap (in bytes): 10000000 Number of Nodes: 36900 ERROR: /usr/local/snort/etc/snort.conf(190) Unknown preprocessor: "flow". Fatal Error, Quitting.. and I had already add two lines "dynamicpreprocessor directory /usr/local/snort/lib/snort_dynamicpreprocessor/ dynamicengine /usr/local/snort/lib/snort_dynamicengine/libsf_engine.so" in my snort.conf. Please help me to fix this, thank you very much. On Sat, Jan 23, 2010 at 1:09 AM, Ryan Jordan <ryan.jordan () sourcefire com>wrote:Make sure you don't have old preprocessors from previous installations hanging around in your /usr/local/snort/lib/snort_dynamicpreprocessor directory. The easiest way to do this would be to delete them all and re-do "make install". If all else fails, upgrade to a recent version of Snort and try again. Snort 2.8.0 is pretty old in Internet years. On Fri, Jan 22, 2010 at 7:06 AM, bai haoquan <baihaoquan () gmail com>wrote:Hi all, I want to install snort-2.8.0 on my Fedora12, but after the "./configure --prefix=/usr/local/snort/ --with-mysql=/usr/local/mysql/ --enable-dynamicplugin --enable-inline, make, make install", then I add two lines "dynamicpreprocessor directory /usr/local/snort/lib/snort_dynamicpreprocessor/ dynamicengine /usr/local/snort/lib/snort_dynamicengine/libsf_engine.so" in my snort.conf, but when I use commandline "snort -c /usr/local/snort/etc/snort.conf" to start snort, some erres msg occurd as below: ..... Loading dynamic preprocessor library /usr/local/snort/lib/snort_dynamicpreprocessor//libsf_dcerpc_preproc.so... done Loading dynamic preprocessor library /usr/local/snort/lib/snort_dynamicpreprocessor//libsf_ssl_preproc.so... done Loading dynamic preprocessor library /usr/local/snort/lib/snort_dynamicpreprocessor//libsf_dns_preproc.so... done Finished Loading all dynamic preprocessor libs from /usr/local/snort/lib/snort_dynamicpreprocessor/ ERROR: Failed to initialize dynamic preprocessor: SF_SSLPP version 1.1.3 I am looking forward to your early reply and thanks very much. ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-usersSnort-users>list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- seek help for installation for snort2.8 bai haoquan (Jan 22)
- Re: seek help for installation for snort2.8 Ryan Jordan (Jan 22)
- Message not available
- Re: seek help for installation for snort2.8 Ryan Jordan (Jan 23)
- Message not available
- Re: seek help for installation for snort2.8 Ryan Jordan (Jan 22)