FW: [Snort-users] FW: ERROR: OpenPcap

Michael Steele michaels at ...155...
Wed Jun 19 14:38:08 EDT 2002


All;

I always miss the easy ones! It was not only marked once, but twice! :-)


Next..

-Michael
--
 Michael Steele | System Engineer / Support Technician
 mailto:michaels at ...155...
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org



-----Original Message-----
From: Mike Balzotti [mailto:mike.balzotti at ...6139...] 
Sent: Wednesday, June 19, 2002 1:37 PM
To: Chris Reid; Michael Steele
Subject: RE: [Snort-users] FW: ERROR: OpenPcap

Ok yeah that worked.

Thanks for the fast reply. I knew it was something stupid that I was
doing.

Mike


-----Original Message-----
From: Chris Reid [mailto:chris.reid at ...3029...]
Sent: Wednesday, June 19, 2002 1:23 PM
To: Michael Steele; snort-users at lists.sourceforge.net
Cc: Mike Balzotti
Subject: Re: [Snort-users] FW: ERROR: OpenPcap



Mike,

Take a closer look at the command line.  There's a space between
"Program"
and "Files", and another space between "Apache" and "Group".  Put the
whole
path after -l in double quotes.

Chris Reid



----- Original Message -----
From: "Michael Steele" <michaels at ...155...>
To: <snort-users at lists.sourceforge.net>
Sent: Wednesday, June 19, 2002 1:26 PM
Subject: [Snort-users] FW: ERROR: OpenPcap


>
> Mike,
>
> Use Snort -W to get a list of adapters. Say you only have one adapter,
> so it should show your adapter in location 1.  CD to your snort folder
> and type Snort -v -i1 and that will allow snort to sniff on adapter 1.
> After doing this you should see all kinds of traffic in the command
> window, if not go to your browser and generate some traffic.
>
> Let me know how things go.
>
> -Michael
> --
>  Michael Steele | System Engineer / Support Technician
>  mailto:michaels at ...155...
>  Silicon Defense: IDS solutions - http://www.silicondefense.com
>  Snort: Open Source Network IDS - http://www.snort.org
>
>
>
> -----Original Message-----
> From: Mike Balzotti [mailto:mike.balzotti at ...6139...]
> Sent: Wednesday, June 19, 2002 11:41 AM
> To: michaels at ...155...
> Subject: ERROR: OpenPcap
>
> I am trying to install snort from your documentation. Upon testing to
> make sure it is working I get an error.
> The test I am running is
> Snort -c C:\snort\Snort.conf -l C:\Program Files\Apache
> Group\Apache\htdocs\logs -ix
> where is x = 1
>
> The snort -v -x1 works fine as far as I can tell.
>
> The error I get on the fist is as fallows
>
> C:\Snort\Snort -c C:\snort\Snort.conf -l C:\Program Files\Apache
> Group\Apache\htdocs\logs -ix
> log directory = C:\Program
>
> Initializing Network Interface \
> ERROR: OpenPcap() FSM compilation failed:
>                 parse error
> PCAP command: Files\Apache Group\Apache\htdocs\logs -i2
> Fatal Error, quitting..
>
> Thanks for your help in this.
>
> Mike Balzotti
> Network Systems Technician II
> World Wide Packets
> <http://www.worldwidepackets.com>
> 1-509-242-9411
>
>
>
>
>
>
>
------------------------------------------------------------------------
--
--
>                    Bringing you mounds of caffeinated joy
>                    >>>     http://thinkgeek.com/sf    <<<
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>









More information about the Snort-users mailing list