Snort mailing list archives
Compiling snort-1.8.2 with snmp support
From: Kyley.Stabenow () saltlake2002 com
Date: Mon, 5 Nov 2001 16:48:27 -0700
use the flags ./configure --with-snmp -with-openssl that should work.... Kyle Stabenow kyley.stabenow () saltlake2002 com Send Snort-users mailing list submissions to snort-users () lists sourceforge net To subscribe or unsubscribe via the World Wide Web, visit https://lists.sourceforge.net/lists/listinfo/snort-users or, via email, send a message with subject or body 'help' to snort-users-request () lists sourceforge net You can reach the person managing the list at snort-users-admin () lists sourceforge net When replying, please edit your Subject line so it is more specific than "Re: Contents of Snort-users digest..." Today's Topics: 1. Compiling snort-1.8.2 with snmp support (Michael Aylor) 2. Rules bringed with 1.8.2 (Federico) 3. Acid X portscan (Alex Rodrigues) 4. New 1.8.2 Win32 Install (SkatFiend () aol com) 5. Re: barnyard (Andrew R. Baker) 6. 1.8.2 problem (Richard Silver) 7. Re: Rules bringed with 1.8.2 (Chris Green) 8. RE: Compiling snort-1.8.2 with snmp support (Robert D. Hughes) --__--__-- Message: 1 From: Michael Aylor <maylor () swbanktx com> To: "'snort-users () lists sourceforge net'" <snort-users () lists sourceforge net> Date: Mon, 5 Nov 2001 09:11:49 -0600 Subject: [Snort-users] Compiling snort-1.8.2 with snmp support This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1660C.311C1810 Content-Type: text/plain; charset="iso-8859-1" Hey all, Apologies if this question has already been asked and answered... I'm trying to compile snort-1.8.2 on a RH7.1 box. I've compiled and installed ucd-snmp-4.2.2 from source, and subsequently editted the /etc/ld.so.conf file to include the path /usr/local/lib (and after saving, I run ldconfig). When I begin the snort config, I use the switches "./configure --with-mysql --with-snmp". I know that the mysql portion works because if I just use the --with-mysql and not --with-snmp, it works fine. It then runs through the config with no errors. I then run make, and this is the output it gives me. gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include/pcap -I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include -DENABLE_SNMP -g -O2 -Wall -c spo_log_null.c gcc -g -O2 -Wall -L/usr/lib/mysql -L/usr/local/lib -o snort snort.o log.o decode.o mstring.o rules.o plugbase.o sp_pattern_match.o sp_tcp_flag_check.o sp_icmp_type_check.o sp_icmp_code_check.o sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o sp_tcp_seq_check.o sp_dsize_check.o spp_http_decode.o spp_portscan.o sp_ipoption_check.o sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o sp_respond.o spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o spp_defrag.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o spo_alert_unixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o checksum.o spp_tcp_stream2.o sp_reference.o sp_ip_fragbits.o spp_anomsensor.o tag.o spp_unidecode.o codes.o strlcpyu.o strlcatu.o debug.o sp_tcp_win_check.o spp_rpc_decode.o spp_bo.o spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_priority.o sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_stream4.o spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o -lz -lpcap -lm -lnsl -lmysqlclient -lsnmp /usr/local/lib/libsnmp.a(keytools.o): In function `generate_Ku': /packages/ucd-snmp-4.2.2/snmplib/keytools.c:124: undefined reference to `EVP_md5' /packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to `EVP_sha1' /packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to `EVP_DigestInit' /packages/ucd-snmp-4.2.2/snmplib/keytools.c:141: undefined reference to `EVP_DigestUpdate' /packages/ucd-snmp-4.2.2/snmplib/keytools.c:153: undefined reference to `EVP_DigestFinal' /usr/local/lib/libsnmp.a(scapi.o): In function `sc_random': /packages/ucd-snmp-4.2.2/snmplib/scapi.c:150: undefined reference to `RAND_bytes' /usr/local/lib/libsnmp.a(scapi.o): In function `sc_generate_keyed_hash': /packages/ucd-snmp-4.2.2/snmplib/scapi.c:255: undefined reference to `EVP_md5' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to `EVP_sha1' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to `HMAC' /usr/local/lib/libsnmp.a(scapi.o): In function `sc_hash': /packages/ucd-snmp-4.2.2/snmplib/scapi.c:345: undefined reference to `EVP_md5' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to `EVP_sha1' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to `EVP_DigestInit' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:353: undefined reference to `EVP_DigestUpdate' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:354: undefined reference to `EVP_DigestFinal' /usr/local/lib/libsnmp.a(scapi.o): In function `sc_encrypt': /packages/ucd-snmp-4.2.2/snmplib/scapi.c:592: undefined reference to `des_key_sched' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:596: undefined reference to `des_ncbc_encrypt' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:600: undefined reference to `des_ncbc_encrypt' /usr/local/lib/libsnmp.a(scapi.o): In function `sc_decrypt': /packages/ucd-snmp-4.2.2/snmplib/scapi.c:715: undefined reference to `des_key_sched' /packages/ucd-snmp-4.2.2/snmplib/scapi.c:718: undefined reference to `des_cbc_encrypt' collect2: ld returned 1 exit status make: *** [snort] Error 1 Any clues as to why it keeps failing? Mike Aylor maylor () swbanktx com CONFIDENTIALITY NOTICE: ************************************************************************ The information contained in this ELECTRONIC MAIL transmission is confidential. It may also be privileged work product or proprietary information. This information is intended for the exclusive use of the addressee(s). If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution [other than to the addressee(s)], copying or taking of any action because of this information is strictly prohibited. ************************************************************************ ------_=_NextPart_001_01C1660C.311C1810 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; charset=3Diso-8859-= 1"> <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version 5.5.2653.12"> <TITLE>Compiling snort-1.8.2 with snmp support</TITLE> </HEAD> <BODY> <P><FONT SIZE=3D2 FACE=3D"Arial">Hey all,</FONT> </P> <P><FONT SIZE=3D2 FACE=3D"Arial">Apologies if this question has already bee= n asked and answered...</FONT> </P> <P><FONT SIZE=3D2 FACE=3D"Arial">I'm trying to compile snort-1.8.2 on a RH7= .1 box. I've compiled and installed ucd-snmp-4.2.2 from source, and s= ubsequently editted the /etc/ld.so.conf file to include the path /usr/local= /lib (and after saving, I run ldconfig). When I begin the snort confi= g, I use the switches "./configure --with-mysql --with-snmp". &nbs= p; I know that the mysql portion works because if I just use the --with-mys= ql and not --with-snmp, it works fine.</FONT></P> <P><FONT SIZE=3D2 FACE=3D"Arial">It then runs through the config with no er= rors. I then run make, and this is the output it gives me. </FO= NT> </P> <P><FONT SIZE=3D2 FACE=3D"Arial">gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/inc= lude/pcap -I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include -D= ENABLE_SNMP -g -O2 -Wall -c spo_log_null.c</FONT></P> <P><FONT SIZE=3D2 FACE=3D"Arial">gcc -g -O2 -Wall -L/usr/lib/mysql -L= /usr/local/lib -o snort snort.o log.o decode.o mstring.o rules.= o plugbase.o sp_pattern_match.o sp_tcp_flag_check.o sp_icmp_type_check.o sp= _icmp_code_check.o sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o sp_tc= p_seq_check.o sp_dsize_check.o spp_http_decode.o spp_portscan.o sp_ipoption= _check.o sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o sp_respond.o= spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o spp_defra= g.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o spo_alert_un= ixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o checksum.o spp_t= cp_stream2.o sp_reference.o sp_ip_fragbits.o spp_anomsensor.o tag.o spp_uni= decode.o codes.o strlcpyu.o strlcatu.o debug.o sp_tcp_win_check.o spp_rpc_d= ecode.o spp_bo.o spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_p= riority.o sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_str= eam4.o spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o= -lz -lpcap -lm -lnsl -lmysqlclient -lsnmp</FONT></P> <P><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(keytools.o): In f= unction `generate_Ku':</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools= .c:124: undefined reference to `EVP_md5'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools= .c:126: undefined reference to `EVP_sha1'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools= .c:126: undefined reference to `EVP_DigestInit'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools= .c:141: undefined reference to `EVP_DigestUpdate'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools= .c:153: undefined reference to `EVP_DigestFinal'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In fun= ction `sc_random':</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 150: undefined reference to `RAND_bytes'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In fun= ction `sc_generate_keyed_hash':</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 255: undefined reference to `EVP_md5'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 258: undefined reference to `EVP_sha1'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 258: undefined reference to `HMAC'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In fun= ction `sc_hash':</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 345: undefined reference to `EVP_md5'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 348: undefined reference to `EVP_sha1'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 348: undefined reference to `EVP_DigestInit'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 353: undefined reference to `EVP_DigestUpdate'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 354: undefined reference to `EVP_DigestFinal'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In fun= ction `sc_encrypt':</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 592: undefined reference to `des_key_sched'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 596: undefined reference to `des_ncbc_encrypt'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 600: undefined reference to `des_ncbc_encrypt'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In fun= ction `sc_decrypt':</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 715: undefined reference to `des_key_sched'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:= 718: undefined reference to `des_cbc_encrypt'</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">collect2: ld returned 1 exit status</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">make: *** [snort] Error 1</FONT> </P> <P><FONT SIZE=3D2 FACE=3D"Arial">Any clues as to why it keeps failing?</FON= T> </P> <BR> <P><FONT SIZE=3D2 FACE=3D"Arial">Mike Aylor</FONT> <BR><FONT SIZE=3D2 FACE=3D"Arial">maylor () swbanktx com</FONT> </P> <CODE><FONT SIZE=3D3><BR> <BR> CONFIDENTIALITY NOTICE:<BR> <BR> ************************************************************************<BR> <BR> The information contained in this ELECTRONIC MAIL transmission<BR> is confidential. It may also be privileged work product or proprietary<BR> information. This information is intended for the exclusive use of the<BR> addressee(s). If you are not the intended recipient, you are hereby<BR> notified that any use, disclosure, dissemination, distribution [other<BR> than to the addressee(s)], copying or taking of any action because<BR> of this information is strictly prohibited.<BR> <BR> ************************************************************************<BR> </FONT></CODE></BODY> </HTML> ------_=_NextPart_001_01C1660C.311C1810-- --__--__-- Message: 2 From: "Federico" <egopfe () hotmail com> To: <snort-users () lists sourceforge net> Date: Mon, 5 Nov 2001 16:31:03 +0100 Subject: [Snort-users] Rules bringed with 1.8.2 The Default Rule-Files bringed with snort 1.8.2 give errors with classtype.... did someone noticed it ? --__--__-- Message: 3 From: "Alex Rodrigues" <alex () bsbnet com> To: <snort-users () lists sourceforge net> Date: Mon, 5 Nov 2001 13:59:43 -0300 Subject: [Snort-users] Acid X portscan What I have to configure to see all portscans traffic in my Acid? Thanks. Alex --__--__-- Message: 4 From: SkatFiend () aol com Date: Mon, 5 Nov 2001 11:46:54 EST To: snort-users () lists sourceforge net Subject: [Snort-users] New 1.8.2 Win32 Install Is the snort binary in the new 1.8.2 Win32 install complied for MSSQL support? If not is there a static v1.8.2 available with MSSQL support? Thanks, Cliff Arms --__--__-- Message: 5 Date: Mon, 05 Nov 2001 09:12:41 -0800 From: "Andrew R. Baker" <andrewb () snort org> To: ntimm () stingrey com CC: snort-users () lists sourceforge net Subject: Re: [Snort-users] barnyard You probably need to be using a more recent version of Snort. I think build 84 of Snort is the oldest build that is compatible with barnyard. Of course you could just upgrade to Snort 1.8.2. -Andrew > Neal Timm wrote: > > I am getting these errors when using barnyard > Unable to find SID (2, 3) > Unable to find SID (0, 1004957390) > and other similar Unable to fine SID > It also is not getting the ip address in the alert > [Priority: 0] {ICMP} 0.0.0.0 -> 1.0.0.0 > First time barnyard user any help would be appreciated. > Am using snort 1.8.1 on redhat 7.1 with newest version of barnyard of > snort website. --__--__-- Message: 6 From: Richard Silver <richard.silver () eamc org> To: snort-users () lists sourceforge net Date: 05 Nov 2001 11:30:38 -0600 Subject: [Snort-users] 1.8.2 problem Just d/l'd and installed 1.8.2 from source. Same procedure I've used for 1.8.0 & 1.8.1. Everything compiles happily, but no matter what I do, it gives me the following message in my /var/log/messages: snort: FATAL ERROR: database: The underlying database seems to be running an older version of the DB schema. Please re-run the appropriate DB creation script (e.g. create_mysql, create_postgresql, create_oracle) located in the contrib\ directory. I went ahead and re-created to see if that was really the problem - no dice, same message. Re-compiled, same problem. Snort will start just logging to the local logging facility, but not to MySQL. (And yes, it does find and compile for MySQL, no errors. Also yes, been thru the FAQ ) Re-installed 1.8.1 from scratch, using DB I created from 1.8.2 create_mysql script, works fine. Anyone else seeing this? Thanks, Richard Richard Silver Sr. Network Engineer East Alabama Medical Center --__--__-- Message: 7 To: "Federico" <egopfe () hotmail com> Cc: <snort-users () lists sourceforge net> Subject: Re: [Snort-users] Rules bringed with 1.8.2 From: Chris Green <cmg () uab edu> Reply-To: snort-users () lists sourceforge net Date: Mon, 05 Nov 2001 11:33:49 -0600 "Federico" <egopfe () hotmail com> writes: > The Default Rule-Files bringed with snort 1.8.2 give errors with > classtype.... did someone noticed it ? I haven't seen this error. What error do you get? Did you install the new classification.config -- Chris Green <cmg () uab edu> Laugh and the world laughs with you, snore and you sleep alone. --__--__-- Message: 8 Subject: RE: [Snort-users] Compiling snort-1.8.2 with snmp support Date: Mon, 5 Nov 2001 11:38:08 -0600 From: "Robert D. Hughes" <rob () robhughes com> To: "Michael Aylor" <maylor () swbanktx com>, <snort-users () lists sourceforge net> This is a multi-part message in MIME format. ------_=_NextPart_001_01C16620.A1E90BE4 Content-Type: multipart/alternative; boundary="----_=_NextPart_002_01C16620.A1E90BE4" ------_=_NextPart_002_01C16620.A1E90BE4 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 When you compiled UCD, did you compile in SNMP V3 support? I believe its the default, but I'm not sure. At any rate, those messages are all related to V3 stuff. =20 Rob - -----Original Message----- From: Michael Aylor [mailto:maylor () swbanktx com] Sent: Monday, November 05, 2001 9:12 AM To: 'snort-users () lists sourceforge net' Subject: [Snort-users] Compiling snort-1.8.2 with snmp support Hey all,=20 Apologies if this question has already been asked and answered...=20 I'm trying to compile snort-1.8.2 on a RH7.1 box. I've compiled and installed ucd-snmp-4.2.2 from source, and subsequently editted the /etc/ld.so.conf file to include the path /usr/local/lib (and after saving, I run ldconfig). When I begin the snort config, I use the switches "./configure --with-mysql --with-snmp". I know that the mysql portion works because if I just use the --with-mysql and not --with-snmp, it works fine. It then runs through the config with no errors. I then run make, and this is the output it gives me. =20 gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include/pcap -I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include -DENABLE_SNMP -g -O2 -Wall -c spo_log_null.c gcc -g -O2 -Wall -L/usr/lib/mysql -L/usr/local/lib -o snort snort.o log.o decode.o mstring.o rules.o plugbase.o sp_pattern_match.o sp_tcp_flag_check.o sp_icmp_type_check.o sp_icmp_code_check.o sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o sp_tcp_seq_check.o sp_dsize_check.o spp_http_decode.o spp_portscan.o sp_ipoption_check.o sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o sp_respond.o spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o spp_defrag.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o spo_alert_unixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o checksum.o spp_tcp_stream2.o sp_reference.o sp_ip_fragbits.o spp_anomsensor.o tag.o spp_unidecode.o codes.o strlcpyu.o strlcatu.o debug.o sp_tcp_win_check.o spp_rpc_decode.o spp_bo.o spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_priority.o sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_stream4.o spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o -lz -lpcap -lm -lnsl -lmysqlclient -lsnmp /usr/local/lib/libsnmp.a(keytools.o): In function `generate_Ku':=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:124: undefined reference to `EVP_md5'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to `EVP_sha1'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to `EVP_DigestInit'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:141: undefined reference to `EVP_DigestUpdate'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:153: undefined reference to `EVP_DigestFinal'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_random':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:150: undefined reference to `RAND_bytes'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_generate_keyed_hash': /packages/ucd-snmp-4.2.2/snmplib/scapi.c:255: undefined reference to `EVP_md5'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to `EVP_sha1'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to `HMAC'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_hash':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:345: undefined reference to `EVP_md5'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to `EVP_sha1'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to `EVP_DigestInit'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:353: undefined reference to `EVP_DigestUpdate'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:354: undefined reference to `EVP_DigestFinal'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_encrypt':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:592: undefined reference to `des_key_sched'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:596: undefined reference to `des_ncbc_encrypt'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:600: undefined reference to `des_ncbc_encrypt'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_decrypt':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:715: undefined reference to `des_key_sched'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:718: undefined reference to `des_cbc_encrypt'=20 collect2: ld returned 1 exit status=20 make: *** [snort] Error 1=20 Any clues as to why it keeps failing?=20 Mike Aylor=20 maylor () swbanktx com=20 CONFIDENTIALITY NOTICE: ************************************************************************ The information contained in this ELECTRONIC MAIL transmission is confidential. It may also be privileged work product or proprietary information. This information is intended for the exclusive use of the addressee(s). If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution [other than to the addressee(s)], copying or taking of any action because of this information is strictly prohibited. ************************************************************************ -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBO+bOgOa2P6TrxG1EEQJnvgCgmLlYZ1X7NufaqBSkvIalN8l3vwUAniEy AIcGjf/R2PYE86ZxDEbbBZqx =3DZZVJ -----END PGP SIGNATURE----- ------_=_NextPart_002_01C16620.A1E90BE4 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Diso-8859-1"> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <TITLE>Compiling snort-1.8.2 with snmp support</TITLE> <META content=3D"MSHTML 5.50.4807.2300" name=3DGENERATOR></HEAD> <BODY><PRE> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 When you compiled UCD, did you compile in SNMP V3 support? I believe its = the default, but I'm not sure. At any rate, those messages are all = related to V3 stuff. =20 Rob - -----Original Message----- From: Michael Aylor [mailto:maylor () swbanktx com] Sent: Monday, November 05, 2001 9:12 AM To: 'snort-users () lists sourceforge net' Subject: [Snort-users] Compiling snort-1.8.2 with snmp support Hey all,=20 Apologies if this question has already been asked and answered...=20 I'm trying to compile snort-1.8.2 on a RH7.1 box. I've compiled and = installed ucd-snmp-4.2.2 from source, and subsequently editted the = /etc/ld.so.conf file to include the path /usr/local/lib (and after = saving, I run ldconfig). When I begin the snort config, I use the = switches "./configure --with-mysql --with-snmp". I know that the mysql = portion works because if I just use the --with-mysql and not = --with-snmp, it works fine. It then runs through the config with no errors. I then run make, and = this is the output it gives me. =20 gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include/pcap = -I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include -DENABLE_SNMP = -g -O2 -Wall -c spo_log_null.c gcc -g -O2 -Wall -L/usr/lib/mysql -L/usr/local/lib -o snort snort.o = log.o decode.o mstring.o rules.o plugbase.o sp_pattern_match.o = sp_tcp_flag_check.o sp_icmp_type_check.o sp_icmp_code_check.o = sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o sp_tcp_seq_check.o = sp_dsize_check.o spp_http_decode.o spp_portscan.o sp_ipoption_check.o = sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o sp_respond.o = spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o = spp_defrag.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o = spo_alert_unixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o = checksum.o spp_tcp_stream2.o sp_reference.o sp_ip_fragbits.o = spp_anomsensor.o tag.o spp_unidecode.o codes.o strlcpyu.o strlcatu.o = debug.o sp_tcp_win_check.o spp_rpc_decode.o spp_bo.o = spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_priority.o = sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_stream4.o = spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o = -lz -lpcap -lm -lnsl -lmysqlclient -lsnmp /usr/local/lib/libsnmp.a(keytools.o): In function `generate_Ku':=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:124: undefined reference to = `EVP_md5'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to = `EVP_sha1'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to = `EVP_DigestInit'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:141: undefined reference to = `EVP_DigestUpdate'=20 /packages/ucd-snmp-4.2.2/snmplib/keytools.c:153: undefined reference to = `EVP_DigestFinal'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_random':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:150: undefined reference to = `RAND_bytes'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_generate_keyed_hash': = /packages/ucd-snmp-4.2.2/snmplib/scapi.c:255: undefined reference to = `EVP_md5'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to = `EVP_sha1'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to = `HMAC'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_hash':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:345: undefined reference to = `EVP_md5'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to = `EVP_sha1'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to = `EVP_DigestInit'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:353: undefined reference to = `EVP_DigestUpdate'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:354: undefined reference to = `EVP_DigestFinal'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_encrypt':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:592: undefined reference to = `des_key_sched'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:596: undefined reference to = `des_ncbc_encrypt'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:600: undefined reference to = `des_ncbc_encrypt'=20 /usr/local/lib/libsnmp.a(scapi.o): In function `sc_decrypt':=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:715: undefined reference to = `des_key_sched'=20 /packages/ucd-snmp-4.2.2/snmplib/scapi.c:718: undefined reference to = `des_cbc_encrypt'=20 collect2: ld returned 1 exit status=20 make: *** [snort] Error 1=20 Any clues as to why it keeps failing?=20 Mike Aylor=20 maylor () swbanktx com=20 CONFIDENTIALITY NOTICE: ************************************************************************ The information contained in this ELECTRONIC MAIL transmission is confidential. It may also be privileged work product or proprietary information. This information is intended for the exclusive use of the addressee(s). If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution [other than to the addressee(s)], copying or taking of any action because of this information is strictly prohibited. ************************************************************************ -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBO+bOgOa2P6TrxG1EEQJnvgCgmLlYZ1X7NufaqBSkvIalN8l3vwUAniEy AIcGjf/R2PYE86ZxDEbbBZqx =3DZZVJ -----END PGP SIGNATURE----- </PRE></BODY></HTML> ------_=_NextPart_002_01C16620.A1E90BE4-- ------_=_NextPart_001_01C16620.A1E90BE4 Content-Type: application/octet-stream; name="PGPexch.htm.asc" Content-Transfer-Encoding: base64 Content-Description: PGPexch.htm.asc Content-Disposition: attachment; filename="PGPexch.htm.asc" LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tDQpWZXJzaW9uOiBQR1AgNy4wLjQNCg0Kb3dITldV dHZHOGtSZGhMc3hZQU9lMHNPQVhvVllQMkFPRU5Tb21YTGxMd1VTYThJVTVRc1VUWU13NkNiTXox aw0KTDJlNlo3dDdKTkdISU5kY0FnUzVKUUdTQUxrbVFDNzVCVDRHK1FXNUJWa2dDSExmUTRDa3F1 Y2hVclpYTkNDdA0KUTVnV3B4OWZ2YjZxNmFuNTZiVUgzL3ZvTy9lLyt1dFB2dnJ6ZzkvLzYzWFUr dmk3Zi92VHRkLys3ai8vK01zSg0KZmYzb3g3LzU3OUxHOTM5OXEvMzY0Nit2L2VxajlhLy9QZnI3 SCsvK29QbXpuLytpdTNQMHkxZWYvUE1QUHh5Yg0KYS9pcGY5TGFhL2FmN2JmSlRuKzNTL2FQdHJ1 ZEpsa3V1ZTdUMWFicnR2cXRkR0xOS1pPK29rSnp3Nldnb2V1Mg0KZTh0YlM5ZnJPTHRWMzJrM1du aTEyKzQzWUVOL3Y5UitmTlI1c3JuY2xNSXdZVXI5YWN5V1NYT3YxMi8zK3B2TA0KaHAwYWQyeWk4 RDd4eGxScFpqYWZjdUhMRTEycVZHdFZpOXp2OUx2dHJhYU1ZaDV5TVNKYVNHVktGZWV1VXlVbg0K M0l4aElJcUpUdUlZeHV0dXVuenBlcTZGbDByZVhONDl0QmJVbkZyWldidGJYbmVxcStYeU1oRTBZ cHVmdDN2dA0KZzBaLzcyQ3I3dVkyYk8rMW51SGZWdWZKVnYxd3Y5RWpYa2kxM2x5OWM2Kzh2cnBl V1MrVmE1Vkt0Vnl1Yk5VZg0KZ2tFa29CN2JiQ2hPUXhBYVNyWDVveko4Z29Cby9vcHRWcmVlanBr Z1M5ZW5Nb0Y1dEliNTVLalpXaUUrOThuTQ0KS09HQ0hQWjI5OG1UMWR5c0I2UkRoaXprN0JobWpT Wm16SWpQQXBxRVpnVWdoNGtoblJzUkVkTEFEc1VjMGpDRQ0KaWlsUjFMQVZXQzAxSXhIVG1vNllK bFF4UXNPUUtCYkN0RStNUkVsTDE3Vkpnc0NwdTJnTStBRk5oajlvL3FWNA0KQVFTa2ZwaVg4S2tZ NnZqK1ZjZzVrTU4zR0xQZDNXcytlbnkwMTBlaUVJSkNNM0Y3aVFtbG5PeW12dHBoMUdjSw0KNHFN MlE2UEFhWHdrTmtNV21Ga2QrblFzSTBvUUtCTmN3cytlNGlNT0dVSXlMRHRZM3dhR2JXODlWRExh cUx2Yg0KVzJTWEErOVpTQnBUTU1GaVBJOG9ENDNjaUNnT2ZhWlBobFJNektrRDVIaVJiVDhFUG1m YnBmRHBkSVgwNURHTA0KaHFCcXViWkMwRW5rM2thbGF2RWF1OW11dmt6MzNFZ1RLTkZNNmM5Q3Jv MTJ0RXlVeHdLcFJzd1J6TnpJNVNURA0KTDVpWGliSzZIWjV0ZlVFV1RVa0xkbkFXOWpRSTRQYjlO ME9aZVhDSFRaR2lLOWtlVW5mM0w5clNpSUVGSXc3OA0KNWdFd25tdnlaY0kwVmlreXBrRDZVRUV3 cDVCRmtJUlVUNEQzQ0VpRkQxOTl3aFR6SGNkNUQzbVliMFpOMFh4SQ0Kb0R4MVp6MEJraWs1MkZs M0tsYlVVSjQ2S2RraFZ5R1BpeHFBT25DaERSZ01WNG5ubDlCOXBUV25DaUFCVUlXaw0KOFZteEt5 M1BrcUZtWUo0dzRaUXdueHVieGxBVFhHWThOL1Fob01BWEVaQUFkUUwxdVBEQ3hHZDJUVXdoUUlq aQ0KSmxxNW9mU2dpb2Q4U0c1YVh3UUdXS1RwTWRpMUFrVkhKWUtFUG1MeDBhMWNmVnZJc0NBQndT MmsxUWt0SitsSw0KM0Fra3NYTWFDT0dOSVN6TGpwdk9Rb0VpcFJMeXBCUk45WmRoZm9GV0wrY3lF TEpESmtLZUFBbzFGaXBkalp6Qw0KcUo1SU5kR2doRWRSRkFTOVE3NUl0Q2tFejRuSVBZY1Zja2Jj Q2xUVERDamdncDBWdjR2RGIxVVM2Q0FzeDBvbQ0KbzdFVm05cVlwb0dRVmloVFNpcGRCTC9ZU0NJ NnlhSnFDY3ZUd2k0VEUwTkJCODFHL0JnY0Y3RlpweXl1NHNqeg0KU0ttMTAzalNIc0FOOTJIbjg4 RU9LWFdjNG92YlN4M0xnb3dmYnV6Uk9KTjFiaWFMVkt2ZGEyeDMyNFBkWjRlUA0KdTdNSUtZOXlu aFhyOEQ2V0E0NUlhYTlLU2sveDNsUHlVdExFY2dCWk94QkpHRHJlZTVuMlZ0UnVxZ3NmWnZwYQ0K QmJ2elJNODN5cFN5MmFYOTdVZ0Myc0QvUHZPa3orQkhwSTJDVklCZktnbVpkdEtBeG1FeUdsS05D M1E4Z0lTQw0KcEJHRGlBTFIweUhqeFlNZ3BLTUJNTiticEdQY2kyQUN6ai9GWU9xQmRBTGx6YTQy SnB6YkRQLzh1WG1RUUwzSg0KZVN3Y2h0SXd1OUpIbjgwTXhJT3hNVENjbTRnam1GUGFvMkpHcVZq R21HYXpTQ3IyM2pCb1hpczdOQ3MvUTFNTQ0KSWkxOHUwZ09hTWlVR2VpcFRwMmRrd0IwOTVNb3pr WjhhdWlaanpYY1JFR2JBaEgxRHhURjdUR2VHOVVjZEVDMQ0KbVI5QWZzMEpqNFlGVmo2V0NINnFa V0VzbzE0T2NocUZSUmlNMUdjV2l4allZWUlNeWc3ckpNcWNhbU5oQUNlcQ0KNXBBQjNHZUV4d293 TkdFSUI3cHNCeFV5MGt4b3FUSkVRMGZaRkNoWFJBei8yQzFHaFY0OFRmS2YxQ1NXdThOaw0KZEVh U0V5N09SU01ONUZ6OGh6TFhtWVZ3QUJnSU5wS0dVNU82SEYzZzZlTlpjZ3cwSEp0bkl3K09rSXFi YVdGYQ0KcktSQjFHVElCOXRjOUJWajJkVmhITkpwZHAxSEFNd0xPUE16TFZLdnJXVlg2S1JxN2lF VnczSVpaRnB4UDJMQg0KRE13aDFIUjRQTWs1VkpRV21TZDkrQXErV09YZ1R3UmZvY05peXBZTUR3 N1p3cVNGSThSYnhPSkZhYjdNNEJmMw0KTy9UbWhFMk5sQ0dFN05ZRzZRZ1NKTUt6dHpBRWZEbGln dUU1ZmZBb3ViRlJIRUR3d0hSZXpzd1IwNDBoK2ZFMA0KNzg2ZkYxejhpZElMbVI0Y0JOYzJTQ0ln WWVBVzU1T0NoWGd3c0JxMG4rd1BJcjkyNDJxRTM3bFl1QjdUeW9lVA0KM3VJQVpqcUNtNnZSWWEy eXFBNUhNVlE5ZGpWYTFGWVgxZUloUHJZc3JzUzdXQS8zazVpL1FmbVgyaHNvT1BISQ0KNkl6c05x L2VKbVpSTzFOUmFHUjV3Nks5dzlDWEI0MWVhekNjR3FhdnlqN3JTN0N4eUdxSUFmTUg4QWd5dnNU cw0KemcydTFtcmZjbXFmU2I3N2JlZjF3cUozZGh2TmJ4YTdlR3p0YzhnNS9sNVJNRmZYUGxRd1Y5 YytXREFYRW4wVg0KRmJwUVlQSENlTm5sK1V5RnRmK2IyZ3h5MVRRMlYxQ2NhL2VxMzF5YzRWQ0wx WEtnNFZqcFg3NlhhL2N1T0F1Zw0KZk9FTnozeHc2U3JjS1pldlNvWDNqelE4QUZ4UnBOY3J0UThh NmZYSzNZdmR2TENYTSttZURFUG1HZUJ3aUpBbQ0KVVlpZHR2YllLVGZ3Q0FiUFgzb1JLR3o3YkpE YnQyK1Q1N2J0OElLMHNVTmtvU3J2MC9JVVUrS0ZDYmIwTmRwMg0KTXA1aTEyakNXS3hodWUzTlBw aUxMbUNpWWhmZzd2SUpTenZTaTRibUxjM3FXVHZxemIxV093TW9kcTF1NVoxaA0KMjUxcXRYdjlU cVBiNlQrelMzcDcvVTZ6dlpFdnVYMUpueHl2bjNVdHVRaWtpdXlEcm4xVFJDMWpiRnVUYTlMdQ0K dHB2OWc3MWVwMGwyRzUwdU1mam1LK0syRllFb3NNUzIrM3g0WkFTUHBDMjFqaUhnRGtKRExjbVFF WGd3UHVZaA0KR3dFc05ocmhXdnFKWndqRUczN0NMRE5VVFMzYW1TNE82YVA4OHhwaWp4RGZadmtB QnFPMlc4aE9nUUthSHpQYg0KK0pUWSsyYUlSbjFmTWEwWnU2bHZPYVFUMkRkTXR1V3RtRzJENHVZ Q1RUR1B4L2prdTJMWDRab3hKTTNRS2dhcg0KN2RONTJvbkY5MG9nYXNXQytWeDdvY1IzVHZnYUM4 UkZjSU5DWGUybFVYeVlXTTJmU3hDbkVBd3dCSklWeGMvcQ0KK0NJRjlHUnNlK3BvSFozWVg0RVZT ZFBLbGZWN0VVbG1mZjV6SGtLcEhqYkdiYWRPeVRFZmNzTjg1MHFvNU02OA0KU2lvNkJTbmJYZnND c2U3YU42TkwxLzhIDQo9N3F6Qg0KLS0tLS1FTkQgUEdQIE1FU1NBR0UtLS0tLQ0K ------_=_NextPart_001_01C16620.A1E90BE4-- --__--__-- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-users End of Snort-users Digest _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Compiling snort-1.8.2 with snmp support Michael Aylor (Nov 05)
- <Possible follow-ups>
- RE: Compiling snort-1.8.2 with snmp support Robert D. Hughes (Nov 05)
- Compiling snort-1.8.2 with snmp support Kyley . Stabenow (Nov 05)
- RE: Compiling snort-1.8.2 with snmp support Michael Aylor (Nov 06)