[Snort-users] snort.conf problem: i think

Kevin Moker kevin.moker at ...3130...
Fri Jan 25 12:18:02 EST 2002


Can someone tell me what I am doing wrong?  I am running snort on win2k (yeah, I know, that's my first mistake) and need to figure out why the following error is coming up.  I am new to snort and I am having some difficulties with it.

Here is the error:

C:\snort>snort -dev -l c:\inetpub\wwwroot\Logs -h 10.0.0.13/24 -c snort.conf

        --== Initializing Snort ==--

Initializing Network Interface \Device\Packet_{A4B3B48F-2737-45FB-82D6-D79E5EA5C55D}
Decoding Ethernet on interface \Device\Packet_{A4B3B48F-2737-45FB-82D6-D79E5EA5C55D}
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...

*WARNING*: unknown preprocessor "frag2", ignoring!


*WARNING*: unknown preprocessor "stream4", ignoring!


*WARNING*: unknown preprocessor "stream4_reassemble", ignoring!


*WARNING*: unknown preprocessor "rpc_decode", ignoring!


*WARNING*: unknown preprocessor "bo", ignoring!


*WARNING*: unknown preprocessor "telnet_decode", ignoring!

Using LOCAL time
Error: Unknown config: classification

This command works:

C:\snort>snort -dev -l c:\inetpub\wwwroot\Logs -h 10.0.0.13/24

        --== Initializing Snort ==--

Initializing Network Interface \Device\Packet_{A4B3B48F-2737-45FB-82D6-D79E5EA5C55D}
Decoding Ethernet on interface \Device\Packet_{A4B3B48F-2737-45FB-82D6-D79E5EA5C55D}

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.7-WIN32
By Martin Roesch (roesch at ...66..., www.snort.org)
WIN32 Port By Michael Davis (mike at ...92..., www.datanerds.net/~mike)

This is why I think it's the conf file but I don't have enough knowledge yet on this. Can someone help?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020125/a3f88117/attachment.html>


More information about the Snort-users mailing list