Re: Having trouble editing the configuration file for Windows

["Michael Steele" <michaels () winsnort com>]

It wants a path, not a filename.

 

PATH to dynamic preprocessor libraries
dynamicpreprocessor directory C:\Snort\lib\snort_dynamicpreprocessor\sf_dcerpc.dll

 

Chane from: C:\Snort\lib\snort_dynamicpreprocessor\sf_dcerpc.dll

Change to: C:\Snort\lib\snort_dynamicpreprocessor

 

Exactly as above with no trailing \

 

 

The below configuration line needs hashed out (not available in Windows).

 

# path to dynamic rules libraries
dynamicdetection directory C:\Snort\lib\snort_dynamicengine\sf_engine.dll



Change from: dynamicdetection directory C:\Snort\lib\snort_dynamicengine\sf_engine.dll

Change to: # dynamicdetection directory C:\Snort\lib\snort_dynamicengine\sf_engine.dll

 

Best regards,

Michael...

 

WINSNORT.com Management…

--

****************** Established ~ 2001 *******************

*          Visit Us @  <http://www.winsnort.com/> http://www.winsnort.com           *

*      ~~ FREE WinIDS Snort installation guides ~~      *

*               ~~ FREE support forums ~~               *

* Snort: Open Source Network IDS -  <http://www.snort.org/> http://www.snort.org *

*********************************************************

 

From: Trevor Thompson [mailto:trevthom18 () gmail com] 
Sent: Wednesday, July 23, 2014 5:14 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Having trouble editing the configuration file for Windows

 

Hello,

I would like to run snort with custom rulesets on a couple of different Windows VM's such as: Windows Server 2008, 
Windows 7, and Windows XP, but I'm having issues with changing the path for the dynamic library files. I already edited 
the section of the code that specified the path these different dynamic libraries would be on a Linux system, but I am 
still having errors with running snort using the conf file that I edited. Here is the chunk of code that I edited, and 
the error that snort encounters while trying to run:

# path to dynamic preprocessor libraries
dynamicpreprocessor directory C:\Snort\lib\snort_dynamicpreprocessor\sf_dcerpc.dll

# path to base preprocessor engine
dynamicengine C:\Snort\lib\snort_dynamicengine\sf_engine.dll

# path to dynamic rules libraries
dynamicdetection directory C:\Snort\lib\snort_dynamicengine\sf_engine.dll

"ERROR: c:\snort\etc\snort.conf(243) Could not stat dynamic module path "C:\Snort\lib\snort\dynamic_

preprocessor\sf_dcerpc.dll": No such file or directory"

 

I've been following a tutorial that told me to change the path's to the different dynamic library files in this manner, 
but the program still will not compile correctly. Here is a link to the tutorial:

http://kailaspatil.blogspot.com/2013/07/tutorial-to-configure-and-use-snort-ids.html

 

The dynamicpreprocessor directory seems to be what is causing the issue. I looked in the folder to see if I could find 
the file specified but I couldn't find the file in any of the different directories that come with the Windows 
Installation. Is there a different path that I should specify for this path of the program? Or, is there a place where 
I can download this dynamic library. I've been searching on the internet to find any clues, but haven't had much luck - 
 any type of help would be appreciated. 

Thanks,

Trevor

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!