[Snort-users] Snort on WIN XP

Michael Steele michaels at ...9077...
Tue Feb 7 12:11:29 EST 2012


You have a few things wrong.

 

Change:

dynamicpreprocessor directory C:\Snort\lib\snort_dynamicpreprocessor\

 

Change to:

dynamicpreprocessor directory C:\Snort\lib\snort_dynamicpreprocessor

 

Change:

preprocessor normalize_ip4

preprocessor normalize_tcp: ips ecn stream

preprocessor normalize_icmp4

preprocessor normalize_ip6

preprocessor normalize_icmp6

 

Change to:

# preprocessor normalize_ip4

# preprocessor normalize_tcp: ips ecn stream

# preprocessor normalize_icmp4

# preprocessor normalize_ip6

# preprocessor normalize_icmp6

 

Possibly more?

 

Kindest regards,

Michael...

 

WINSNORT.com Management Team Member

--

****************** Established ~ 2001 *******************

*          Visit Us @  <http://www.winsnort.com> http://www.winsnort.com
*

*      ~~ FREE WinIDS Snort installation guides ~~      *

*               ~~ FREE support forums ~~               *

* Snort: Open Source Network IDS -  <http://www.snort.org>
http://www.snort.org *

*********************************************************

 

From: Jagan Mohan Reddy D [mailto:jagan.mohan507 at ...11827...] 
Sent: Tuesday, February 07, 2012 11:43 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort on WIN XP

 

While i am running Snort on WIN XP, i am unable to run it..!

 

 

C:\Snort\bin>snort -A console -i 1 -c C:\Snort\etc\snort.conf -l
C:\Snort\log -K  ascii

 

Running in IDS mode

 

        --== Initializing Snort ==--

Initializing Output Plugins!

Initializing Preprocessors!

Initializing Plug-ins!

Parsing Rules file "C:\Snort\etc\snort.conf"

PortVar 'HTTP_PORTS' defined :  [ 80:81 311 591 593 901 1220 1414 1830 2301
2381

 2809 3128 3702 5250 7001 7777 7779 8000 8008 8028 8080 8088 8118 8123
8180:8181

 8243 8280 8888 9090:9091 9443 9999 11371 ]

PortVar 'SHELLCODE_PORTS' defined :  [ 0:79 81:65535 ]

PortVar 'ORACLE_PORTS' defined :  [ 1024:65535 ]

PortVar 'SSH_PORTS' defined :  [ 22 ]

PortVar 'FTP_PORTS' defined :  [ 21 2100 3535 ]

PortVar 'SIP_PORTS' defined :  [ 5060:5061 5600 ]

Detection:

   Search-Method = AC-Full-Q

    Split Any/Any group = enabled

    Search-Method-Optimizations = enabled

    Maximum pattern length = 20

ERROR: C:\Snort\etc\snort.conf(237) Missing/incorrect dynamic engine lib
specifi

er.

Fatal Error, Quitting..

 

 

 

What's wrong with my snort....?

 

Here i'm attaching my snort.conf file

 

Plz help me on this...

 

 

 

 


----------------
D J M Reddy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120207/ec31608b/attachment.html>


More information about the Snort-users mailing list