[Snort-users] how to update snort

codeforfun codeforfun at ...10619...
Mon Nov 21 18:07:33 EST 2011


thanks Joel.
I will use pulledpork then.


codeforfun


On 21/11/2011 22:06, Joel Esler wrote:
> We recommend the use of PulledPork for rule management, and we write our detection with the features of pulledpork in mind.
>
> J
>
> On Nov 21, 2011, at 3:55 PM, codeforfun wrote:
>
>> Where should i extract the snort-snapshot compressed file to?
>>
>> I have downloaded the latest rule set from the website and now want to
>> update my local copy.
>>
>>
>> codeforfun
>>
>>
>>
>>
>> On 15/11/2011 23:02, acv wrote:
>>> Hi,
>>>
>>> Sounds like your wireless device does not support promiscuous mode. Try using
>>> WinDump on the interface, if it fails to, you'll know that it's the hardware
>>> (and/or drivers) and not snort.
>>>
>>> Alex
>>>
>>> On Tue, Nov 15, 2011 at 10:03:34PM +0000, codeforfun wrote:
>>>> Date: Tue, 15 Nov 2011 22:03:34 +0000
>>>> From: codeforfun<codeforfun at ...10619...>
>>>> To: snort-users at lists.sourceforge.net
>>>> Subject: [Snort-users] snort wireless card "ERROR: Can't start DAQ (-1) - ê!î???!"
>>>>
>>>> I have installed snort and have it running fine with my wired interface.
>>>>
>>>> But when i try to run snort with my wireless card i get this error
>>>> "ERROR: Can't start DAQ (-1) - ê!î???!"
>>>>
>>>> Could someone please help point me in the right direction?
>>>>
>>>>
>>>>
>>>> Full Error Message:
>>>>
>>>> Initializing Output Plugins!
>>>> pcap DAQ configured to passive.
>>>> Acquiring network traffic from
>>>> "\Device\NPF_{########-####-####-############}".
>>>> ERROR: Can't start DAQ (-1) - ê!î???!
>>>> Fatal Error, Quitting..
>>>>
>>>>
>>>>
>>>> Version information:
>>>>
>>>> Snort Version 2.9.1.2-ODBC-MySQL-WIN32 IPv6 GRE (Build 84)
>>>> Using PCRE version: 8.10 2010-06-25
>>>> Using ZLIB version: 1.2.3
>>>> WinPcap 4.1.2
>>>>
>>>>
>>>> --
>>>> codeforfun
>>>>
>>>> ------------------------------------------------------------------------------
>>>> RSA(R) Conference 2012
>>>> Save $700 by Nov 18
>>>> Register now
>>>> http://p.sf.net/sfu/rsa-sfdev2dev1
>>>> _______________________________________________
>>>> Snort-users mailing list
>>>> Snort-users at lists.sourceforge.net
>>>> Go to this URL to change user options or unsubscribe:
>>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>>> Snort-users list archive:
>>>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>>>
>>>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure
>> contains a definitive record of customers, application performance,
>> security threats, fraudulent activity, and more. Splunk takes this
>> data and makes sense of it. IT sense. And common sense.
>> http://p.sf.net/sfu/splunk-novd2d
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!





More information about the Snort-users mailing list