Re: sudo snort -Tc snort.conf failure

["Nicholas Mavis (nmavis)" <nmavis () cisco com>]

David,

As Y M mentioned, if you are installing snort via the Ubuntu repositories it is going to be outdated. I would recommend 
downloading an updated release (2.9.6) from snort.org. The errors you are seeing are fairly straight forward.

 Initializing rule chains...
WARNING /etc/snort/rules/chat.rules(33) threshold (in rule) is deprecated; use detection_filter instead.

ERROR: /etc/snort/rules/community-virus.rules(19) !any is not allowed: !$DNS_SERVERS

As seen in the error above, you have $DNS_SERVERS variable set to "!any" within your snort.conf which is not allowed.

From: David Montgomery <davidmontgomery () gmail com<mailto:davidmontgomery () gmail com>>
Date: Tuesday, February 11, 2014 8:03 AM
To: "snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net>" <snort-users () lists 
sourceforge net<mailto:snort-users () lists sourceforge net>>
Subject: Re: [Snort-users] sudo snort -Tc snort.conf failure

Initializing rule chains...
WARNING /etc/snort/rules/chat.rules(33) threshold (in rule) is deprecated; use detection_filter instead.

ERROR: /etc/snort/rules/community-virus.rules(19) !any is not allowed: !$DNS_SERVERS

------------------------------------------------------------------------------
Android apps run on BlackBerry 10
Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
Now with support for Jelly Bean, Bluetooth, Mapview and more.
Get your Android app in front of a whole new audience.  Start now.
http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!