[Snort-users] W2K snort launch & halt

Michael Steele michaels at ...155...
Tue Dec 17 11:38:03 EST 2002


Serge,

 

Try:

 

Snort -W

 

This will display all adapters. Pick the appropriate adapter and type:

 

Snort -d -e -v - ix

 

Note: the x in -ix should be the adapter you want Snort to sniff on.

   -Michael

--
 Michael Steele | System Engineer / Support Technician
mailto:michaels at ...155...
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Serge D.
Jorgensen
Sent: Wednesday, December 11, 2002 10:55 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] W2K snort launch & halt

 

I just ran into a problem with a Snort install on a clean W2K box -
everything seems to install fine (using WinPcap 2.3 and Snort 1.9), but on
even a basic snort -d -e -v I get an initial "Initializing.", then a
"Warning: OpenPcap() device \Device\Packet_NdisWanIp network lookup:" which
says it completes successfully, initializing snort, and the version
information. then nothing. I can Ctrl-C out of it, which gives the Snort
analyzed 0 out of 0 packets, and ends with a 

Pcap_loop: read error: PacketReceivePacket failedpcapstats: PacketGetStats
error

 

Haven't seen this before - would appreciate any thoughts. Thanks.

 

Serge

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20021217/c3461a98/attachment.html>


More information about the Snort-users mailing list