[Snort-users] barnyard payload

Alwin Raymundo alrayworld at ...131...
Thu Oct 17 12:45:05 EDT 2002


Hi Andrew,

Thanks for replying.

I'm using snort 2.0 (in snort.conf)
output log_unified: filename snort.log, limit 128

I use barnyard-0.1.0-rc3.tar.gz

Thanks again in Advance for you help

Your brother in snort



--- "Andrew R. Baker" <andrewb at ...950...> wrote:
> Alwin Raymundo wrote:
> > Hi Everybody,
> > 
> > Thanks for all your help and I appreciate your
> > patience.  The stupid of me I did not double check
> the
> > command line that I execute.  Please pardon me.
> > 
> > I already change it but I notice something, if
> someone
> > can help I really really apreciate it.
> > 
> > when I execute the command.
> > barnyard  -c /etc/snort/barnyard.conf \
> >     -d /var/log/snort -g /etc/snort/gen-msg.map \
> >     -s /etc/snort/sid-msg.map -f snort.log
> > 
> > Barnyard Version 0.1.0-rc3 (Build 11) started
> > ERROR => No input plugin found for magic: a1b2c3d4
> > Fatal Error, Quitting..
> > Exiting
> > 
> > What does this means.  " ERROR => No input plugin
> > found for magic: a1b2c3e4"
> > 
> > any help would be highly appreciated.
> 
> The magic is the first 4 octets of the unified file
> that is used by 
> Barnyard to determine how it should be processed. 
> However, AFAIK (and i 
> maintain the unified output plugin), the value
> "a1b2c3d4" is never used 
> as a magic values when Snort generates a unified
> file.  What version of 
> Snort are you using and what is the unified output
> configuration in your 
> snort.conf?
> 
> -A
> 
> 


=====
Alwin Raymundo

__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com




More information about the Snort-users mailing list