[Fwd: Re: [Snort-users] Snort on HP-UX 11.00: problems...]

Josh Oshiro josh at ...155...
Thu Apr 19 15:34:41 EDT 2001


-------- Original Message --------
   From: Josh Oshiro <josh at ...155...>
Subject: Re: [Snort-users] Snort on HP-UX 11.00: problems...
     To: Mauro Clementi <m.clementi at ...1781...>

If everything went well you should see something like this.
"
        --== Initializing Snort ==--

Initializing Network Interface eth0
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
database: compiled support for ( mysql postgresql )
database: configured to use mysql
database:          user = snort
database: database name = snort
database:          host = localhost
database:   sensor name = 10.0.0.18
database:     sensor id = 1
database: using the "log" facility
1147 Snort rules read...
1147 Option Chains linked into 168 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++

Rule application order: ->activation->dynamic->alert->log->pass

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.7
By Martin Roesch (roesch at ...66..., www.snort.org)
"
if your not seeing this when snort starts then turn off deamon mode -D
or if thats not it then try turning -A off entirly the snort defualt is
full.
also if i were just testing snort i would put on -v to see alerts on the
screen.

hope this helps

 Clementi wrote:

> Good evening to everybody.
>
> I am trying to address some problems in order to have snort 1.7
> running
> on a hpux 11 machine.
> Briefly: I downoladed from a hpux free sw porting center (in .depot.gz
>
> format) and installed the software.
> The web site indicated dependencies from openssl 0.9.6 (and that's ok
> with me) and libpcap.0.5.2.
> First thing I had to do was to find that I had to update to
> libcap0.6.2.
> Ok, no problem, but I still
> cannot have any proof that snort is working on my machine. I do not
> know
> why it looks like it started successfully,
> but it did not write a single log line. As I found in the snort faq, I
>
> tried to start as
>
> ./snort -A fast -c snort.conf   ........ and the first time it
> prompted
> with /var/log/snort  no such file or directory.
>
> Nice start. I created what was requested and restarted snort, with the
>
> same (silent) result...
>
> Second down (and long, I think...)
> ./snort -A fast -D (otherwise it prompts for error:0) -s  (the
> standard
> syslog file for the system being /var/adm/syslog/syslog.conf)....
> still
> no results.
>
> I went nowhere also when I specified the -i lan1 option on the command
>
> line.
>
> I should like to train myself on snort, just starting to use it more
> or
> less like the good ol' tcp_wrapper (that I could not compile on Hp-ux
> 11, even if
> it works fine on hp-ux 10, but ask to hp for this  :-|    )
>
> Am I missing something?
> If I could choose the platform, I should go Linux all the way, but I
> cannot.
>
> Any suggestion welcome
> Thank you very much
>
> Mauro
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

--
josh at ...155...
Snort Support
Silicon Defense







More information about the Snort-users mailing list