[Snort-users] Please help me.. (Last tiem I will send this out, don't think it made it the first time)

Joshua McDowell joshmia2001 at ...131...
Sun Jan 11 03:49:01 EST 2004


Being a pretty new user to snort I have tried my best
and came up with
 nothing.  I looked on the web, the website, the faqs,
and anything else I could
 get my hands on and it didn't work.  So here goes,
maybe I am just tired and someone can point out my
obvious mistake to me. :D
(Praying)
  I recently got 2.0.2 up and running, it refused to
enter UDP ports and port scans into the database,
after much hair pulling I decided that perhaps a new
 version would help. (Laughing like a mad man now,
LITERALLY)
  I download, untared, and compiled 2.1.0 with the
--with-mysql option.  No problem so far.  I cp'ed the
rules into /etc/snort/rules and changed the config
 file accordingly.  I tried to start snort, the first
error message I got was as follows :
Jan 11 05:21:41 sc2 snort: FATAL ERROR:
/etc/snort/snort.conf(285) => Invalid file name for
IIS Unicode Map file.
  Couldn't find much documentation on this one, it is
possible that I can't see anymore from swollen eyes
but I swear to you that I could find NOTHING.
  I figured that one out and fixed on my own.  Next
(Click) place that one in the exhibit A bag.
  Thinking I am rocking and rollig along to seccess, I
hit another snare that
 just plain doesn't appear to exist for anyone else in
the world.  The dredded phrase that I have grown to
memorize like one does their birth date.
 FATAL ERROR: /etc/snort/rules//bad-traffic.rules(13)
=> Unknown ClassType: misc-activity
  I have read until blue in the face and can find
nothing, perhaps I missed something key.
  But if you or anyone you know has any information
that could solve this Un-Solved Mystery, please
contact me through the list.
  
   Joshua McDowell
HTTP://GEOCITIES.COM/JOSHMIA2001/

P.S. I am brand new to the list, I am Joshua :D


__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus




More information about the Snort-users mailing list