[Snort-users] About Snort GUI report:Just missed the result

Mayur Patil ram.nath241089 at ...11827...
Sat Feb 9 14:42:04 EST 2013


Hello,

   I checked my PC and....

   Oops !!

   I have not Ethernet cards installed.

   So I decided to run on single card i.e. eth0.

   I am using VMware workstation for snort installation on Ubuntu 10.04.

   So,Continued on eth0 vmware network adapter, I used configuration as
follows:

*   auto eth0
   iface eth0 inet static
   address 192.168.1.1
   netmask 255.255.255.0
   network 192.168.1.0
   broadcast 192.168.1.255
   gateway 192.168.1.1
*
   And give command

  * sudo /etc/init.d/networking restart*

   So it works fine.

   Now testing snort phase

  I have given command only for eth0

*  ifconfig eth0 up

  /usr/local/snort/bin/snort -D -u snort -g snort

 /usr/local/bin/barnyard2 -c /usr/local/snort/etc/barnyard2.conf \
           -G /usr/local/snort/etc/gen-msg.map \
           -S /usr/local/snort/etc/sid-msg.map \
           -d /var/log/snort \
           -f snort.u2 \
           -w /var/log/snort/barnyard2.waldo \
           -D
*
  Upto this step, it seems everything works fine.

  Then I put this command

*  sudo /etc/init.d/rc.local start*

  It gives error

*  Spawning daemon Child...

  My daemon child 4079 lives....

  Daemon parent exiting (-1)
*
  So, by googling snort forum,  I disable only

  /usr/local/snort/bin/snort*  #-D -u snort -g snort

  *and again execute command

*  sudo /etc/init.d/rc.local start*

  and Snort starts !! i.e. commencing packet transfer.....

  but when I open URL in browser

  http://192.168.1.1/snortreport-1.3.3/report.php

  browser shows connection timed out.

  Just one step from seeing result.

  Please help !!
 *
--
Cheers,
Mayur*


On Sun, Feb 3, 2013 at 6:41 PM, Mayur Patil <ram.nath241089 at ...11827...>wrote:

> Hello,
>
>    I am newbie to snort using snort 2.9.4 on ubuntu 10.04 server.
>
>    I am following installation guide for snort on ubuntu
>
>    It works fine but at testing stage,
>
>    After entering command,
>
>       sudo /usr/local/snort/bin/snort -u snort -g snort \
>
>         -c /usr/local/snort/etc/snort.conf -i eth1
>
>    it gives error
>
>    ERROR: Can't start DAQ (-1) - SIOCGIFHWADDR: No such device!
>
>    Fatal Error, Quiting..
>
>    This error is discussed several previous issues and I also gone for it.
>
>    But didn't get actual idea of what to do ?? Stucked at the testing of
> snort.
>
>    Need help,
>
>    Thanks !!
>
> *--
> Cheers,
> Mayur. *
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130210/984e20f4/attachment.html>


More information about the Snort-users mailing list