Ralf.Hildebrandt at ...3909...
Wed May 15 05:22:02 EDT 2002
I'm trying out to run snort together with snortsam and the snort-alert
After a painful installation process due to the lousy docs, I now have
the follwoing problem:
When I start snort, I get:
Back Orifice detection brute force: DISABLED
Using LOCAL time
[Alert_FWsam] Connected to mgmt station 127.0.0.1.
[Alert_FWsam](CheckIn) Password mismatch! Ignoring mgmt station
1086 Snort rules read...
1086 Option Chains linked into 109 Chain Headers
0 Dynamic rules
-*> Snort! <*-
Version 1.8.7beta1 (Build 117)
What the hell is going on?
In my snortsam.conf:
In my snort.conf:
output alert_fwsam: 127.0.0.1:898/mypassword
Clearly, those two passwords match.
Snort is started like this:
-h 184.108.40.206/16,220.127.116.11/21,192.168.0.0/16,172.16.0.0/12 -c
/etc/snort/snort.conf -l /var/log/snort -b -d -u snort -g snort -i eth1
Ralf Hildebrandt (Im Auftrag des Referat V A) Ralf.Hildebrandt at ...3909...
Charite Campus Virchow-Klinikum Tel. +49 (0)30-450 570-155
Referat V A - Kommunikationsnetze - Fax. +49 (0)30-450 570-916
So unleash your nmap-from-hell and beware, you may tickle an obscure
bug in an ancient box hand-built by Seymour Cray himself, the only one
of its kind ever made, whose sole user pays the salaries of everyone
you ever met in the entire time you worked at the company, with money
he makes with an investment strategy hand-coded in assembler for this
special machine, by an analytic wizard who has since died.
More information about the Snort-users