Snort mailing list archives
Re: Error using latest ruleset with Snort++
From: Jim Campbell <jim () w4bqp net>
Date: Sat, 15 Jul 2017 08:26:20 -0400
Russ,I found why Snort 3 isn't picking up hyperscan. Noah's cookbook for installing Snort 3 has me getting hyperscan 4.2.0 but Snort is checking to see if 4.4.0 is installed.
I attempted to install hyperscan 4.4.0 but CMake is looking for three prerequisites that I don't want to pursue now because it is past midnight. The three prereqs are Doxygen, Spinx and sqlite3. CMake whined about the first two but absolutely refused to go on for lack of sqlite3. I'll try to fix after a night's sleep.
Jim On 7/14/2017 5:16 PM, Russ wrote:
4. Your gid:138 rules are rejected by Snort 3 because you need hyperscan for sd_pattern. That is available for Intel platforms from https://github.com/01org/hyperscan.
-- "We are not human beings having a spiritual experience; we are spiritual beings having a human experience." ---Pierre Teilhard de Chardin
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Error using latest ruleset with Snort++, (continued)
- Re: Error using latest ruleset with Snort++ Russ via Snort-users (Jul 13)
- Re: Error using latest ruleset with Snort++ Jim Campbell (Jul 13)
- Re: Error using latest ruleset with Snort++ Russ via Snort-users (Jul 13)
- Re: Error using latest ruleset with Snort++ Jim Campbell (Jul 13)
- Re: Error using latest ruleset with Snort++ Russ via Snort-users (Jul 14)
- Re: Error using latest ruleset with Snort++ Jim Campbell (Jul 14)
- Re: Error using latest ruleset with Snort++ Russ via Snort-users (Jul 14)
- Re: Error using latest ruleset with Snort++ Jim Campbell (Jul 14)
- Re: Error using latest ruleset with Snort++ João Soares via Snort-users (Jul 14)
- Re: Error using latest ruleset with Snort++ Russ via Snort-users (Jul 15)
- RES: Error using latest ruleset with Snort++ Renan Menezes via Snort-users (Jul 15)
- Re: Error using latest ruleset with Snort++ Jim Campbell (Jul 15)