Snort mailing list archives

Re: rules file doesn't work properly, no DoS or portscan detected...


From: Gijs van der Velden <gijsvandervelden () live nl>
Date: Sun, 26 May 2013 17:00:42 +0200

I'm running TCadmin on the same system, which uses winpcap.

But I've just disabled tcadmin and rebooted the system and the problem still persists, so that isn't the cause either...





Date: Sun, 26 May 2013 10:17:05 -0400
From: wkitty42 () windstream net
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] rules file doesn't work properly, no DoS or portscan detected...

On 5/26/2013 07:31, Gijs van der Velden wrote:
I have specified an interface but the same problem persists.
I'm sorry if this wasn't clear in my last message.

Could it be that a different application is also using winpcap on the same
system and that's why it doesn't work?

it may be possible if winpcap doesn't allow for more than one app to use it at 
the same time... what other software are you running that would be using winpcap 
at the same time that snort is running??

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
                                          
------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread: