[Snort-users] IDMEF Plugin
lelesi at ...9251...
Wed May 21 16:35:05 EDT 2003
What is the current status of the IDMEF Plugin?
I noted that "--enable-idmef" is no longer a complile option in version
Given this, after sorting through the various versions, I installed
1.9.0 from Silicon Defense which incorporates the IDMEF Plugin. I
installed all the requisite software: idmef, xml2, ntp. I enabled the
plugin and got no apparent errors upon loading Snort. However, upon
reception of traffic, Snort seg faults. When I turn off the IDMEF
Plugin, I don't get any seg faults.
I also tried installing version 1.8.7. However, as noted in a previous
post from Andrew Walther, I also get a libidmef not found error when I
run Snort's ./configure.
More information about the Snort-users