Snort mailing list archives
Re: snort
From: Nick Moore <nmoore () sourcefire com>
Date: Tue, 14 Feb 2012 06:49:37 -0600
Jagan, My guess is that your snort.conf file contains a reference to log/merged.log. Since the "/" is used in linux/unix systems and the "\" is used in Windows, you should find that reference in snort.conf and edit it to match the proper file name and path on your system. Also, please consider moving to linux/unix. Shared object rules are not available for Windows and this leaves you unprotected against a number of threats. If you need more specific help, please also consider attaching your snort.conf file to these requests. It will likely speed up response time and give those that would help more information. Happy Snorting, Nick On Tue, Feb 14, 2012 at 6:23 AM, Jagan Mohan Reddy D < jagan.mohan507 () gmail com> wrote:
I am runing snort on WIN XP I am executing snort with Mysql..... While runing snort on win XP, i got the following error... C:\snort\bin> snort -c C:\Snort\etc\snort.conf +---------------------------------------------------------------- [ Number of patterns truncated to 20 bytes: 1012 ] pcap DAQ configured to passive. Acquiring network traffic from "\Device\NPF_{D2775E7F-A95E-4DC5-AB8D-CCFE1A2DF92 6}". Decoding Ethernet ERROR: C:\Documents and Settings\Administrator\My Documents\snortbuild\snort-2.9 .1.2\src\output-plugins\spo_unified2.c(302) Could not open log/merged.log: No such file or directory Fatal Error, Quitting.. I am unable to locate the that path in my system... whats wrong with my Snort....? Can any one reply me..... ---------------- Thanks & records D J M Reddy ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- Nick Moore, SFCE, CISSP, CISA Sr. Systems Engineer Voice 708-336-9041 Email nick.moore () sourcefire com IM nickgmoore (Yahoo) nickgmoore38 (AIM) ,,_ o" )~ Sourcefire - The Creators of Snort '''' www.sourcefire.com www.snort.org www.immunet.com
------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!