[Snort-users] RE: Help on this error

Michael Steele michaels at ...155...
Thu Oct 24 08:48:03 EDT 2002


Hector,

Ok,

Now start adding, try:

Snort -c c:\snort\snort.conf -l c:\snort\logs -i3

Note: the -l in the above line is a lower case L

Make sure that an actual logs folder exists in c:\snort\ and change any
of the paths to fit your setup.

If your still getting errors, send me a cut and past of any errors you
get. Also do a snort -V and cut and past that info. Also send me your
snort.conf file.

-Michael
-- 
 Michael Steele | System Engineer / Support Technician     
 mailto:michaels at ...155...    
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: hgonzalez at ...7277... [mailto:hgonzalez at ...7277...] 
Sent: Thursday, October 24, 2002 8:21 AM
To: Michael Steele
Subject: RE: Help on this error


Ok, and I also tried "snort  -v -i3" and I can see packets flying
through.

Hector Gonzalez
Network Specialist
City of McAllen, Tx 78501
(956) 972-7172
hgonzalez at ...7277...


|---------+----------------------------->
|         |           "Michael Steele"  |
|         |           <michaels at ...7278...|
|         |           efense.com>       |
|         |                             |
|         |           10/24/2002 10:13  |
|         |           AM                |
|         |                             |
|---------+----------------------------->
 
>-----------------------------------------------------------------------
-------------------------------------------------------|
  |
|
  |       To:       "'Hector Gonzalez'" <hgonzalez at ...7277...>
|
  |       cc:
|
  |       Subject:  RE: Help on this error
|
 
>-----------------------------------------------------------------------
-------------------------------------------------------|




Hector,

Try a "snort -v"

-Michael
--
 Michael Steele | System Engineer / Support Technician
 mailto:michaels at ...155...
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: Hector Gonzalez [mailto:hgonzalez at ...7277...]
Sent: Thursday, October 24, 2002 8:16 AM
To: michaels at ...155...
Subject: Help on this error

C:\Snort>Snort -c C:\snort\snort.conf -I C:\inetpub\wwwroot\logs -i
Log directory = log

Initializing Network Interface \
WARNING: OpenPcap() device \Device\Packet_NdisWanIp network lookup:
        The operation completed successfully.

ERROR: OpenPcap() FSM compilation failed:
        illegal char 'C'
PCAP command: C:\inetpub\wwwroot\logs -i3
Fatal Error, Quitting..

Above is the error that I am getting.  I am using Win2k Server and I am
new to using Snort.  The directory
"logs" exist in the appropriate directory as stated by your
documentation.  Could you please assist me
on this.  If I execute the command as follows "Snort -c
C:\snort\snort.conf -I" an "alert.ids" file is create
under the directory c:\snort\log.

Thanks in advance.











More information about the Snort-users mailing list