Re: zlib and Centos 5.6

[Eoin Miller <eoin.miller () trojanedbinaries com>]

On Sun, May 22, 2011 at 7:34 PM, Dan Erxleben <derxleben () gmail com 
<mailto:derxleben () gmail com>> wrote:
>     I'm attempting to get snort 2.9.0.5 running on Centos 5.6 and when
>     initializing it keeps error'ing on enable 'inspecti_gzip'
>     inspection, which i've found to be attributed to zlib.
>
>     ERROR: /etc/snort/snort.conf(239) => Enable 'inspect_gzip'
>     inspection before setting 'unlimited_decompress'
>     Fatal Error, Quitting..
>
>     funny thing is, i've got zlib installed:
>
>     [root@dhcp10-101 snort-2.9.0.5]# rpm -qa | grep zlibzlib-devel-1.2.3-3
>     zlib-1.2.3-3
>
>     and I wiped snort and recompiled with zlib enabled:
>
>     ./configure --with-mysql --enable-dynamicplugin --enable-zlib
>
>     Whats the deal. Any help is appreciated.
>
>
>     Thanks!
>
>
>     -- 
>     >From the Desk of:
>     *Dan Erxleben*
>     derxleben () gmail com <mailto:derxleben () gmail com>
Try using the snort.conf that comes with the VRT ruleset. There are lots 
of changes that happen in there and it should be the basis for your 
Snort configuration. The one that came with the source code in the past 
was not updated and there are new features that you will not take 
advantage of if you continue to use the old conf from previous versions.

-- Eoin

------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery, 
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now. 
http://p.sf.net/sfu/quest-d2dcopy1

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users