[Snort-users] snort-stable-snapshot.tar.gz & snort-daily.tar.gz

James Hoagland hoagland at ...47...
Sat Jun 1 09:14:16 EDT 2002


At 9:30 AM -0600 5/31/02, Slighter, Tim wrote:
>Have been experiencing strange anomalies with these new builds where 
>the configure --enable-flexresp works fine as does the "make" and 
>"make install".  However, there have been peculiar errors with 
>snortsnarf being able to parse the alert and portscan.log files. 
>The errors that happen pertain to Time::JulianDate and somehow or 
>another the perl script strips the source and destination IP from 
>the output.  I have ran "make distclean" and re-compiled with and 
>without the --enable-flexresp and always come with up with this same 
>behavior.  Sometimes during the un-tar of these files it generates 
>errors about future dates for certain files being off.   Anyone else 
>seen this or found a work-around ?  As a result of these strange 
>errors, have been forced to regress back to the stable 1.86 version.

If you are getting a complaint about Time::JulianDate then you 
probably didn't install the 'include' files that come with SnortSnarf 
in some place that snortsnarf.pl will find them when run.

Regards,

   Jim
-- 
|*      Jim Hoagland, Associate Researcher, Silicon Defense      *|
|*            --- Silicon Defense: IDS Solutions ---             *|
|*  hoagland at ...47..., http://www.silicondefense.com/  *|
|*   Voice: (530) 756-7317                 Fax: (530) 756-7297   *|




More information about the Snort-users mailing list