[Snort-users] traffic

Deepika p dgpks1 at ...11827...
Fri Jun 22 10:52:58 EDT 2012


Hi,
  I am not getting traffic after running Snort in verbose mode.

c:\temp> c:\winids\snort\bin\snort -W

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.2.3-ODBC-MySQL-WIN32 IPv6 GRE (Build 205)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2012 Sourcefire, Inc., et al.
           Using PCRE version: 8.10 2010-06-25
           Using ZLIB version: 1.2.3

Index   Physical Address        IP Address      Device Name     Description
-----   ----------------        ----------      -----------     -----------
    1   00:00:00:00:00:00       0000:0000:fe80:0000:0000:0000:b4af:fd3b \Device\NPF_{4B956E29-E640-4D01-9087-798E3F5BC411}      Microsoft
    2   00:00:00:00:00:00       0000:0000:fe80:0000:0000:0000:35f1:0c2c \Device\NPF_{D33FABD2-08A8-4FEE-86DB-5935FE26E333}      Microsoft
    3   00:00:00:00:00:00       0000:0000:fe80:0000:0000:0000:d4a1:6ded \Device\NPF_{64F2971F-CAAA-4114-80E3-A0A1FD1C6DD5}      Microsoft
    4   00:00:00:00:00:00       0000:0000:fe80:0000:0000:0000:0446:02a3 \Device\NPF_{183F7B88-682B-4954-9169-35CD964D23DA}      Atheros L1C PCI-E Ethernet Controller

c:\temp>c:\winids\snort\bin\snort -v -i1

Running in packet dump mode

        --== Initializing Snort ==--
Initializing Output Plugins!
pcap DAQ configured to passive.
The DAQ version does not support reload.
Acquiring network traffic from "\Device\NPF_{4B956E29-E640-4D01-9087-798E3F5BC411}".
Decoding Ethernet

        --== Initialization Complete ==--

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.2.3-ODBC-MySQL-WIN32 IPv6 GRE (Build 205)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2012 Sourcefire, Inc., et al.
           Using PCRE version: 8.10 2010-06-25
           Using ZLIB version: 1.2.3

Commencing packet processing (pid=5296)

Here it stayed stuck for 30 minutes, and the system is connected to the Internet.

Is it because of the interfaces? Do I need to add an interface to my Windows 7
machine, and if so, of what kind? Please suggest a solution.