[Snort-users] First time snorting ... ERROR: The dynamic detection library ...

Alan McKay alan.mckay at ...11827...
Thu Nov 14 11:35:32 EST 2013


Hi folks,

I am following these instructions :
http://www.symmetrixtech.com/articles/016-snortinstallguide2953.pdf

Though with 2.9.5.5 instead of 5.3.  Also, I'm running snort on a
single host (web server) so it is monitoring itself.  Oh and I
installed libdnet from Ubuntu packages and did not build my own as per
this document.  And I'm wondering whether that is my problem (Ubuntu
12.04)

Those instructions are fantastic BTW - thanks to David Gullett!   I'd
tried previously to sift through some other material and I very
quickly ended up over my head.

Anyway I get right down to the last part where I try to start it up,
but no such luck :-(  I did some googling on this but really could not
find much of anything.

ERROR: The dynamic detection library
"/usr/local/snort/lib/snort_dynamicrules/netbios.so" version 1.0
compiled with dynamic engine library version 2.0 isn't compatible with
the current dynamic engine library
"/usr/local/snort/lib/snort_dynamicengine/libsf_engine.so" version
2.1.

Fatal Error, Quitting..


root at ...16588...:~/snort/barnyard2-2-1.13# /usr/local/snort/bin/snort -u
snort -g snort -c /usr/local/snort/etc/snort.conf -i eth0

Running in IDS mode


        --== Initializing Snort ==--

Initializing Output Plugins!

Initializing Preprocessors!

Initializing Plug-ins!

Parsing Rules file "/usr/local/snort/etc/snort.conf"

PortVar 'HTTP_PORTS' defined :  [ 36 80:90 311 383 591 593 631 801 818
901 972 1158 1220 1414 1741 1830 2301 2381 2809 3037 3057 3128 3443
3702 4000 4343 4848 5117 5250 6080 6988 7000:7001 7144:7145 7510 7770
7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181
8222 8243 8280 8300 8500 8509 8800 8888 8899 9000 9060 9080 9090:9091
9443 9999:10000 11371 12601 34443:34444 41080 50000 50002 55252 55555
]

PortVar 'SHELLCODE_PORTS' defined :  [ 0:79 81:65535 ]

PortVar 'ORACLE_PORTS' defined :  [ 1024:65535 ]

PortVar 'SSH_PORTS' defined :  [ 22 ]

PortVar 'FTP_PORTS' defined :  [ 21 2100 3535 ]

PortVar 'SIP_PORTS' defined :  [ 5060:5061 5600 ]

PortVar 'FILE_DATA_PORTS' defined :  [ 36 80:90 110 143 311 383 591
593 631 801 818 901 972 1158 1220 1414 1741 1830 2301 2381 2809 3037
3057 3128 3443 3702 4000 4343 4848 5117 5250 6080 6988 7000:7001
7144:7145 7510 7770 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090
8118 8123 8180:8181 8222 8243 8280 8300 8500 8509 8800 8888 8899 9000
9060 9080 9090:9091 9443 9999:10000 11371 12601 34443:34444 41080
50000 50002 55252 55555 ]

PortVar 'GTP_PORTS' defined :  [ 2123 2152 3386 ]

Detection:

   Search-Method = AC-Full-Q

    Split Any/Any group = enabled

    Search-Method-Optimizations = enabled

    Maximum pattern length = 20

Tagged Packet Limit: 256

Loading dynamic engine
/usr/local/snort/lib/snort_dynamicengine/libsf_engine.so... done

Loading all dynamic detection libs from
/usr/local/snort/lib/snort_dynamicrules...

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/smtp.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/p2p.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/imap.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/icmp.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/specific-threats.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/web-client.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/misc.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/multimedia.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/exploit.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/web-misc.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/web-iis.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/bad-traffic.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/chat.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/web-activex.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/dos.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/nntp.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/snmp.so... done

  Loading dynamic detection library
/usr/local/snort/lib/snort_dynamicrules/netbios.so... done

  Finished Loading all dynamic detection libs from
/usr/local/snort/lib/snort_dynamicrules

Loading all dynamic preprocessor libs from
/usr/local/snort/lib/snort_dynamicpreprocessor/...

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_pop_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_dns_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_ssl_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_imap_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_sip_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_gtp_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_sdf_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_ssh_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_ftptelnet_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_modbus_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_reputation_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_smtp_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_dce2_preproc.so...
done

  Loading dynamic preprocessor library
/usr/local/snort/lib/snort_dynamicpreprocessor//libsf_dnp3_preproc.so...
done

  Finished Loading all dynamic preprocessor libs from
/usr/local/snort/lib/snort_dynamicpreprocessor/

ERROR: The dynamic detection library
"/usr/local/snort/lib/snort_dynamicrules/netbios.so" version 1.0
compiled with dynamic engine library version 2.0 isn't compatible with
the current dynamic engine library
"/usr/local/snort/lib/snort_dynamicengine/libsf_engine.so" version
2.1.

Fatal Error, Quitting..

root at ...16588...:~/snort/barnyard2-2-1.13#



-- 
“Don't eat anything you've ever seen advertised on TV”
         - Michael Pollan, author of "In Defense of Food"




More information about the Snort-users mailing list