[Snort-users] snort installation error

Sylvain Chillaud sylvain.chillaud at ...11827...
Tue Aug 10 07:32:09 EDT 2010


Hi Jun,

the answer is in your error message : you can't have !any in a rule -> means
'nothing'. You can't detect based on nothing.
Change that in the appropriate rule and it should be ok.

Regards,

Sylvain

2010/8/10 Jun Wan <junwei_wan at ...125...>

>  Hi,
>
> I installed SNORT on a fresh Ubuntu 10.04 by following
> http://it.thelibrarie.com/weblog/?p=515
>
> snort -c /etc/snort/snort.conf -i eth0
>
> I get the following:
>
> Running in IDS mode
> --== Initializing Snort ==--
> Initializing Output Plugins!
> Initializing Preprocessors!
> Initializing Plug-ins
>
> ....pls see the attached details of "Snort installation error.rtf"...
>
>
> +++++++++++++++++++++++++++++++++++++++++++++++++++
> Initializing rule chains...
> Warning: /etc/snort/rules/dos.rules(42) => threshold (in rule) is
> deprecated; use detection_filter instead.
> ERROR: /etc/snort/rules/community-smtp.rules(13) => !any is not allowed
> Fatal Error, Quitting..
>
> Can't find much info via "google", so I would like to have your help.
>
> Any info and help would be much appreciated.
>
> Thanks for your patience with my many Snort questions.
>
> Regards
>
> John
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by
>
> Make an app they can't live without
> Enter the BlackBerry Developer Challenge
> http://p.sf.net/sfu/RIM-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100810/5ef81126/attachment.html>


More information about the Snort-users mailing list