Snort mailing list archives
help
From: Jagan Mohan Reddy D <jagan.mohan507 () gmail com>
Date: Fri, 27 Jan 2012 11:28:38 +0530
I was successfully installed snort on Ubuntu 10.04 as per the doc provided
by Snort web site.
I am using only one Ethernet card on my machine....
But after installation, while running the snort by using the following
line....
$ sudo /usr/local/snort/bin/snort -c /usr/local/snort/etc/snort.conf -i eth0
--------------------------------------------------------------------------------
[ Number of patterns truncated to 20 bytes: 1033 ]
pcap DAQ configured to passive.
The DAQ version does not support reload.
Acquiring network traffic from "eth0".
Reload thread starting...
Reload thread started, thread 0xa6c93b70 (2700)
Decoding Ethernet
--== Initialization Complete ==--
,,_ -*> Snort! <*-
o" )~ Version 2.9.2 IPv6 GRE (Build 78)
'''' By Martin Roesch & The Snort Team:
http://www.snort.org/snort/snort-team
Copyright (C) 1998-2011 Sourcefire, Inc., et al.
Using libpcap version 1.0.0
Using PCRE version: 7.8 2008-09-05
Using ZLIB version: 1.2.3.3
Rules Engine: SF_SNORT_DETECTION_ENGINE Version 1.15 <Build 18>
Rules Object: web-misc Version 1.0 <Build 1>
Rules Object: snmp Version 1.0 <Build 1>
Rules Object: exploit Version 1.0 <Build 1>
Rules Object: netbios Version 1.0 <Build 1>
Rules Object: p2p Version 1.0 <Build 1>
Rules Object: multimedia Version 1.0 <Build 1>
Rules Object: chat Version 1.0 <Build 1>
Rules Object: bad-traffic Version 1.0 <Build 1>
Rules Object: web-iis Version 1.0 <Build 1>
Rules Object: nntp Version 1.0 <Build 1>
Rules Object: imap Version 1.0 <Build 1>
Rules Object: web-client Version 1.0 <Build 1>
Rules Object: icmp Version 1.0 <Build 1>
Rules Object: web-activex Version 1.0 <Build 1>
Rules Object: dos Version 1.0 <Build 1>
Rules Object: smtp Version 1.0 <Build 1>
Rules Object: specific-threats Version 1.0 <Build 1>
Rules Object: misc Version 1.0 <Build 1>
Preprocessor Object: SF_DNS (IPV6) Version 1.1 <Build 4>
Preprocessor Object: SF_REPUTATION (IPV6) Version 1.1 <Build 1>
Preprocessor Object: SF_SSLPP (IPV6) Version 1.1 <Build 4>
Preprocessor Object: SF_SSH (IPV6) Version 1.1 <Build 3>
Preprocessor Object: SF_SMTP (IPV6) Version 1.1 <Build 9>
Preprocessor Object: SF_MODBUS (IPV6) Version 1.1 <Build 1>
Preprocessor Object: SF_GTP (IPV6) Version 1.1 <Build 1>
Preprocessor Object: SF_IMAP (IPV6) Version 1.0 <Build 1>
Preprocessor Object: SF_POP (IPV6) Version 1.0 <Build 1>
Preprocessor Object: SF_DCERPC2 (IPV6) Version 1.0 <Build 3>
Preprocessor Object: SF_FTPTELNET (IPV6) Version 1.2 <Build 13>
Preprocessor Object: SF_SIP (IPV6) Version 1.1 <Build 1>
Preprocessor Object: SF_DNP3 (IPV6) Version 1.1 <Build 1>
Preprocessor Object: SF_SDF (IPV6) Version 1.1 <Build 1>
Commencing packet processing (pid=2700)
-----------------------------------------------------------------------------------------------------------------
After this, Snort is not running and the courser is blinking......
can any one help on this problem,
----------------
D J M Reddy
CSIS Dept
BITS-PILANI HYD campus
------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- help Jagan Mohan Reddy D (Jan 26)
- Re: help Heine Lysemose (Jan 26)