[Snort-users] Snort 2.0 as a Windows Service??

kerberos K kerberos_k at ...125...
Tue Apr 22 13:16:21 EDT 2003


Russ,

Here is the output from that command:

C:\Snort\snort\bin>snort -c c:\snort\snort\etc\snort.conf -l c:\snort\snort\log -h 10.0.1.0.0/24 -
Running in IDS mode
Log directory = c:\snort\snort\log

Initializing Network Interface \Device\NPF_{2B69D982-02F2-4669-B6F4-A80FB5340CAB}

        --== Initializing Snort ==--
Initializing Output Plugins!
Decoding Ethernet on interface \Device\NPF_{2B69D982-02F2-4669-B6F4-A80FB5340CAB}
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file c:\snort\snort\etc\snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
    Fragment timeout: 60 seconds
    Fragment memory cap: 4194304 bytes
    Fragment min_ttl:   0
    Fragment ttl_limit: 5
    Fragment Problems: 0
    Self preservation threshold: 500
    Self preservation period: 90
    Suspend threshold: 1000
    Suspend period: 30
Stream4 config:
    Stateful inspection: ACTIVE
    Session statistics: INACTIVE
    Session timeout: 30 seconds
    Session memory cap: 8388608 bytes
    State alerts: INACTIVE
    Evasion alerts: INACTIVE
    Scan alerts: ACTIVE
    Log Flushed Streams: INACTIVE
    MinTTL: 1
    TTL Limit: 5
    Async Link: 0
    State Protection: 0
    Self preservation threshold: 50
    Self preservation period: 90
    Suspend threshold: 200
    Suspend period: 30
Stream4_reassemble config:
    Server reassembly: INACTIVE
    Client reassembly: ACTIVE
    Reassembler alerts: ACTIVE
    Ports: 21 23 25 53 80 110 111 143 513 1433
    Emergency Ports: 21 23 25 53 80 110 111 143 513 1433
http_decode arguments:
    Unicode decoding
    IIS alternate Unicode decoding
    IIS double encoding vuln
    Flip backslash to slash
    Include additional whitespace separators
    Ports to decode http on: 80
rpc_decode arguments:
    Ports to decode RPC on: 111 32771
    alert_fragments: INACTIVE
    alert_large_fragments: ACTIVE
    alert_incomplete: ACTIVE
    alert_multiple_requests: ACTIVE
telnet_decode arguments:
    Ports to decode telnet on: 21 23 25 119
database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: password is set
database: database name = snort
database:          host = 127.0.0.1
database:          port = 3306
database:   sensor name = Websrv15e
database:     sensor id = 2
database: schema version = 106
database: using the "alert" facility
database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: database name = snort
database:          host = 127.0.0.1
database:          port = 3306
database:   sensor name = Websrv15e
ERROR: database: mysql_error: Access denied for user: 'snort at ...263...' (Using password: NO)
Fatal Error, Quitting..


