[Snort-users] error with rulesets

Chris solsat555 at ...1985...
Sat May 5 11:21:14 EDT 2001


snort -V shows : 
-*> Snort! <*-
Version 1.7
By Martin Roesch (roesch at ...66..., www.snort.org)

but... 

snort -v -c conf.file shows : 


Initializing Network Interface eth0
Kernel filter, protocol ALL, TURBO mode (63 frames), raw packet socket
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
database: compiled support for ( mysql )
database: configured to use mysql
database: database name = snort
database:          user = SOMEone
database:          host = localhost
database: detail level  = full
database:   sensor name = 192.X.G.H
database:     sensor id = DD
database: using the "log" facility
[!] ERROR /etc/snort/exploit.rules(20) => Bad port number: "(msg:"EXPLOIT"

the exploit.rules file (AS ALL the .rules) are from : 
http://www.snort.org/Files/Current/snortrules.tar.gz
for Snort1.7 

checked the rules file, cant pick up whats wrong with it 
please reply !!!! 











More information about the Snort-users mailing list