Snort mailing list archives
Compiling Dynamic Rules - Web-ActiveX/Web-IIS/SQL/Multimedia Fail
From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Thu, 28 Jan 2010 22:34:42 +0000
We are trying to compile the snort dynamic rules from source. Reason
being is that we are running 2.8.5.2 and the precompiled rules contained
within the tarball complain about LibVersion when we try to execute
Snort. When we try to run make inside of so_rules/src, we get the
following output:
user@host:~/usr/src/snort-2.8.5.2/so_rules/src$ make
ls: cannot access web-activex_*.c: No such file or directory
ls: cannot access web-iis_*.c: No such file or directory
ls: cannot access sql_*.c: No such file or directory
ls: cannot access multimedia_*.c: No such file or directory
dos_openldap-authcid.c:193: warning: âskip_over_dataâ defined but not used
building p2p ... done
building dos ... done
building exploit ... done
building bad-traffic ... done
building web-activex ... gcc: web-activex_*.o: No such file or directory
We have pulled the web-activex, web-iis, sql and multimedia items out of
the lib array within the so_rules/src/Makefile and it will compile
correctly. However, are files missing from the source tree that are
required to compile and use these rules for a reason? The precompiled
directories have the web-activex/web-iis/sql/multimedia SO files in them...
Also, noticed the so_rules/src/Makefile has a SNORT_VERSION variable set
to 2.8.0.2 by default. If we update it to the corresponding current
version value of 2.8.5.2, it also fails to compile as this isn't in the
Makefile. We fell back to setting the option to 2.8.5.1 and it compiled
without issue but hopefully the args required for 2.8.5.2 are the same
as 2.8.5.1?
From so_rules/src/Makefile
---snip---
ifeq (${SNORT_VERSION},2.8.5.1)
MYCFLAGS+= -DHAS_METADATA=1 -DHAS_SESSION_DATA=1 -DREQ_ENGINE_LIB_MINOR=9
SEEN=1
---snip---
-- Eoin
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
Current thread:
- Compiling Dynamic Rules - Web-ActiveX/Web-IIS/SQL/Multimedia Fail Eoin Miller (Jan 28)
- Re: Compiling Dynamic Rules - Web-ActiveX/Web-IIS/SQL/Multimedia Fail Nigel Houghton (Jan 28)
- Re: Compiling Dynamic Rules - Web-ActiveX/Web-IIS/SQL/Multimedia Fail Eoin Miller (Jan 28)
- Re: Compiling Dynamic Rules - Web-ActiveX/Web-IIS/SQL/Multimedia Fail Patrick Mullen (Feb 03)
- Re: Compiling Dynamic Rules - Web-ActiveX/Web-IIS/SQL/Multimedia Fail Nigel Houghton (Jan 28)