[Snort-devel] snort 1.8: [reading from a file]

Andrea Barisani lcars at ...360...
Tue Jul 10 05:16:54 EDT 2001


Hi to all!

I've just updated my IDS with snort 1.8 but with the same flags used by
snort 1.7 (-A full -c rulefile -D -b -d -i eth0 -l /var/log/snort -s) and
the same rules files I see this message in syslog before the startup,

modprobe: modprobe: Can't locate module [reading from a

!!

And in the mysql database there is a new sensor, instead of ip:eth0 now I
have ids.domainname.it:[reading from a file]

I assure you that snort is NOT reading from a tpcdump file, is sniffing
correctly ;)

The ethernet is an Intel eepro100

Any ideas?

Bye

P.S.

What is the [1:0:0] in the alerts? 

------------------------------------------------------------
INFIS Network Administrator & Security Officer
Department of Physics       - University of Trieste
lcars at ...360... - PGP Key 0x8E21FE82
------------------------------------------------------------
"How would you know I'm mad?" said Alice.
"You must be,'said the Cat,'or you wouldn't have come here."
------------------------------------------------------------





More information about the Snort-devel mailing list