[Snort-users] installation problem

Noraini Mariam Binti Mustafa ain_ceria at ...5703...
Wed Jan 1 22:04:12 EST 2003


Hi, I'm having problem on snort installation.. could somebody help me out....
I'm using the window version..

FIRST I HAVE TEST THE PORT I WANT TO USE.. IT CAME OUT LIKE THIS..
_____________________________________________________________
C:\snort>snort -v -i1
Log directory = log

Initializing Network Interface mxnic

        --== Initializing Snort ==--
Decoding Ethernet on interface mxnic

        --== Initialization Complete ==--


-*> Snort! <*-
Version 1.8.7-MySQL-WIN32 (Build 121)
By Martin Roesch (roesch at ...1935..., www.snort.org)
1.7-WIN32 Port By Michael Davis (mike at ...92..., www.datanerds.net/~mike)
1.8-WIN32 Port By Chris Reid (chris.reid at ...3029...)
1.8-WIN32 Compiled By Michael Steele (michaels at ...155..., www.silicon
fense.com)
          (based on code from 1.7 port)
01/02-12:09:52.535276 10.2.0.44:1026 -> 255.255.255.255:60015
UDP TTL:128 TOS:0x0 ID:44098 IpLen:20 DgmLen:540
Len: 520
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

01/02-12:09:52.541257 10.2.0.69:1029 -> 255.255.255.255:60015
UDP TTL:128 TOS:0x0 ID:43342 IpLen:20 DgmLen:540
Len: 520
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

01/02-12:09:52.542872 10.2.0.90:1031 -> 255.255.255.255:60015
UDP TTL:128 TOS:0x0 ID:4445 IpLen:20 DgmLen:540
Len: 520
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
____________________________________________________________

# MEANS IT'S OK I GUESS... THEN I MOVED TO THE NEXT STEP.. THIS IS WHAT HAPPEN...
____________________________________________________________
C:\snort>snort -c c:\snort\snort.conf -| c:\snort\logs -i1
Log directory = log

Initializing Network Interface mxnic

        --== Initializing Snort ==--
Decoding Ethernet on interface mxnic
Parsing Rules file c:\snort\snort.conf
No arguments to frag2 directive, setting defaults to:
    Fragment timeout: 60 seconds
    Fragment memory cap: 4194304 bytes
    Fragment min_ttl:   0
    Fragment ttl_limit: 5
    Fragment Problems: 0
Stream4 config:
    Stateful inspection: ACTIVE
    Session statistics: INACTIVE
    Session timeout: 30 seconds
    Session memory cap: 8388608 bytes
    State alerts: INACTIVE
    Evasion alerts: INACTIVE
    Scan alerts: ACTIVE
    Log Flushed Streams: INACTIVE
    MinTTL: 1
    TTL Limit: 5
No arguments to stream4_reassemble, setting defaults:
     Reassemble client: ACTIVE
     Reassemble server: INACTIVE
     Reassemble ports: 21 23 25 53 80 143 110 111 513
     Reassembly alerts: ACTIVE
     Reassembly method: FAVOR_OLD

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.8.7-MySQL-WIN32 (Build 121)
By Martin Roesch (roesch at ...1935..., www.snort.org)
1.7-WIN32 Port By Michael Davis (mike at ...92..., www.datanerds.net/~mike)
1.8-WIN32 Port By Chris Reid (chris.reid at ...3029...)
1.8-WIN32 Compiled By Michael Steele (michaels at ...155..., www.siliconde
fense.com)
          (based on code from 1.7 port)
____________________________________________________
# AND.. IT STOP HERE.. WHY IS THIS HAPPENING?

# AFTER THAT.. i'VE TRIED TO INSTALL THE SERVICES.. THIS IS WHAT CAME OUT OF IT..

_________________________________________________________
C:\snort>snort/SERVICE/INSTALL -de -c C:\snort\logs -i1
Format for command line variable definitions is:
 -S var=value
Fatal Error, Quitting..
_________________________________________________________

# ANOTHER PROBLEM IS REGARDING THE APACHE CONF. "HTTPD.CONF"
THIS CAME OUT  WHEN I TEST THE CONFIGURATION SETTING....

___________________________________________________________
Syntax error on line 240 of c:/program files/apache group/apache/conf/httpd.conf
:
Cannot add module via name 'mod_php.c': not in list of loaded modules
Note the errors or messages above, and press the <ESC> key to exit.  22...
________________________________________________________________

# i REALLY NEED AN URGENT REPLY CAUSE I DOING RESEARCH FOR MY FINAL YEAR STUDIES.

NORAINI



_____________________________________________________________
Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.
http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus




More information about the Snort-users mailing list