[Snort-users] Snort WIN32 2.0.0B (B45) Problems (& Solutions)

Nicole Nicholson nanicholson at ...125...
Tue Dec 24 10:58:02 EST 2002


Merry Christmas!

I'm stuck here at work, so I thought I'd try to get the latest Win32 build 
of Snort working and ran into a few problems.  Here's what I managed to fix 
and what's still not working.  Anyone got any suggestions?

Snort Build: 2.0.0 Beta (Build 45) 12/23/02
StdDB & Win32 Service Support
(codecraftconsultants.com)
Test OS: W2K SP3

Problems Discovered & Resolved:
-------------------------------

(1) Incorrect (missing) configuration path in snort.conf.  Change snort.conf 
to something like:


# Path to your rules files (this can be a relative path)
var RULE_PATH ../rules
var CONFIG_PATH ../etc

....

# Include classification & priority settings
#

include $CONFIG_PATH/classification.config

#
# Include reference systems
#

include $CONFIG_PATH/reference.config

(2) "-E" (Log to Win32 Event Viewer) switch doesn't work properly.  Causes 
snort to think it needs a syslog server.  Didn't have time to look at the 
source, so I just dropped the flag for now.

Still Unresolved:
-----------------

(1) Can't execute as service.  /SERVICE /INSTALL works fine, but then when I 
try to start the service, I get: "Process terminated unexpectedly".  Running 
on command line seems to work okay.  (I had this same problem with 1.9, 
too.)

Gonna try to duck out of the office now!  Back on Thursday... :(

Cheers.

-Nicole




_________________________________________________________________
MSN 8 with e-mail virus protection service: 3 months FREE*. 
http://join.msn.com/?page=features/virus&xAPID=42&PS=47575&PI=7324&DI=7474&SU= 
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_eliminateviruses_3mf





More information about the Snort-users mailing list