Snort mailing list archives
Compiling snort-1.8.2 with snmp support
From: Kyley.Stabenow () saltlake2002 com
Date: Mon, 5 Nov 2001 16:48:27 -0700
use the flags ./configure --with-snmp -with-openssl
that should work....
Kyle Stabenow
kyley.stabenow () saltlake2002 com
Send Snort-users mailing list submissions to
snort-users () lists sourceforge net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/snort-users
or, via email, send a message with subject or body 'help' to
snort-users-request () lists sourceforge net
You can reach the person managing the list at
snort-users-admin () lists sourceforge net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Snort-users digest..."
Today's Topics:
1. Compiling snort-1.8.2 with snmp support (Michael Aylor)
2. Rules bringed with 1.8.2 (Federico)
3. Acid X portscan (Alex Rodrigues)
4. New 1.8.2 Win32 Install (SkatFiend () aol com)
5. Re: barnyard (Andrew R. Baker)
6. 1.8.2 problem (Richard Silver)
7. Re: Rules bringed with 1.8.2 (Chris Green)
8. RE: Compiling snort-1.8.2 with snmp support (Robert D. Hughes)
--__--__--
Message: 1
From: Michael Aylor <maylor () swbanktx com>
To: "'snort-users () lists sourceforge net'"
<snort-users () lists sourceforge net>
Date: Mon, 5 Nov 2001 09:11:49 -0600
Subject: [Snort-users] Compiling snort-1.8.2 with snmp support
This message is in MIME format. Since your mail reader does not
understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C1660C.311C1810
Content-Type: text/plain;
charset="iso-8859-1"
Hey all,
Apologies if this question has already been asked and answered...
I'm trying to compile snort-1.8.2 on a RH7.1 box. I've compiled and
installed ucd-snmp-4.2.2 from source, and subsequently editted the
/etc/ld.so.conf file to include the path /usr/local/lib (and after
saving, I
run ldconfig). When I begin the snort config, I use the switches
"./configure --with-mysql --with-snmp". I know that the mysql portion
works
because if I just use the --with-mysql and not --with-snmp, it works
fine.
It then runs through the config with no errors. I then run make, and
this
is the output it gives me.
gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include/pcap
-I/usr/include/mysql
-DENABLE_MYSQL -I/usr/local/include -DENABLE_SNMP -g -O2 -Wall -c
spo_log_null.c
gcc -g -O2 -Wall -L/usr/lib/mysql -L/usr/local/lib -o snort snort.o
log.o
decode.o mstring.o rules.o plugbase.o sp_pattern_match.o
sp_tcp_flag_check.o
sp_icmp_type_check.o sp_icmp_code_check.o sp_ttl_check.o
sp_ip_id_check.o
sp_tcp_ack_check.o sp_tcp_seq_check.o sp_dsize_check.o spp_http_decode.o
spp_portscan.o sp_ipoption_check.o sp_rpc_check.o sp_icmp_id_check.o
sp_icmp_seq_check.o sp_respond.o spo_alert_syslog.o spo_log_tcpdump.o
spo_database.o sp_session.o spp_defrag.o parser.o spo_alert_fast.o
spo_alert_full.o spo_alert_smb.o spo_alert_unixsock.o sp_react.o
spo_xml.o
sp_ip_tos_check.o snprintf.o checksum.o spp_tcp_stream2.o sp_reference.o
sp_ip_fragbits.o spp_anomsensor.o tag.o spp_unidecode.o codes.o
strlcpyu.o
strlcatu.o debug.o sp_tcp_win_check.o spp_rpc_decode.o spp_bo.o
spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_priority.o
sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_stream4.o
spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o
-lz
-lpcap -lm -lnsl -lmysqlclient -lsnmp
/usr/local/lib/libsnmp.a(keytools.o): In function `generate_Ku':
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:124: undefined reference to
`EVP_md5'
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to
`EVP_sha1'
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to
`EVP_DigestInit'
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:141: undefined reference to
`EVP_DigestUpdate'
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:153: undefined reference to
`EVP_DigestFinal'
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_random':
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:150: undefined reference to
`RAND_bytes'
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_generate_keyed_hash':
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:255: undefined reference to
`EVP_md5'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to
`EVP_sha1'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to
`HMAC'
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_hash':
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:345: undefined reference to
`EVP_md5'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to
`EVP_sha1'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to
`EVP_DigestInit'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:353: undefined reference to
`EVP_DigestUpdate'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:354: undefined reference to
`EVP_DigestFinal'
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_encrypt':
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:592: undefined reference to
`des_key_sched'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:596: undefined reference to
`des_ncbc_encrypt'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:600: undefined reference to
`des_ncbc_encrypt'
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_decrypt':
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:715: undefined reference to
`des_key_sched'
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:718: undefined reference to
`des_cbc_encrypt'
collect2: ld returned 1 exit status
make: *** [snort] Error 1
Any clues as to why it keeps failing?
Mike Aylor
maylor () swbanktx com
CONFIDENTIALITY NOTICE:
************************************************************************
The information contained in this ELECTRONIC MAIL transmission
is confidential. It may also be privileged work product or proprietary
information. This information is intended for the exclusive use of the
addressee(s). If you are not the intended recipient, you are hereby
notified that any use, disclosure, dissemination, distribution [other
than to the addressee(s)], copying or taking of any action because
of this information is strictly prohibited.
************************************************************************
------_=_NextPart_001_01C1660C.311C1810
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html;
charset=3Diso-8859-=
1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version
5.5.2653.12">
<TITLE>Compiling snort-1.8.2 with snmp support</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=3D2 FACE=3D"Arial">Hey all,</FONT>
</P>
<P><FONT SIZE=3D2 FACE=3D"Arial">Apologies if this question has already
bee=
n asked and answered...</FONT>
</P>
<P><FONT SIZE=3D2 FACE=3D"Arial">I'm trying to compile snort-1.8.2 on a
RH7=
.1 box. I've compiled and installed ucd-snmp-4.2.2 from source,
and s=
ubsequently editted the /etc/ld.so.conf file to include the path
/usr/local=
/lib (and after saving, I run ldconfig). When I begin the snort
confi=
g, I use the switches "./configure --with-mysql --with-snmp".
&nbs=
p; I know that the mysql portion works because if I just use the
--with-mys=
ql and not --with-snmp, it works fine.</FONT></P>
<P><FONT SIZE=3D2 FACE=3D"Arial">It then runs through the config with no
er=
rors. I then run make, and this is the output it gives me.
</FO=
NT>
</P>
<P><FONT SIZE=3D2 FACE=3D"Arial">gcc -DHAVE_CONFIG_H -I. -I. -I.
-I/usr/inc=
lude/pcap -I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include
-D=
ENABLE_SNMP -g -O2 -Wall -c spo_log_null.c</FONT></P>
<P><FONT SIZE=3D2 FACE=3D"Arial">gcc -g -O2 -Wall -L/usr/lib/mysql
-L=
/usr/local/lib -o snort snort.o log.o decode.o mstring.o
rules.=
o plugbase.o sp_pattern_match.o sp_tcp_flag_check.o sp_icmp_type_check.o
sp=
_icmp_code_check.o sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o
sp_tc=
p_seq_check.o sp_dsize_check.o spp_http_decode.o spp_portscan.o
sp_ipoption=
_check.o sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o
sp_respond.o=
spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o
spp_defra=
g.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o
spo_alert_un=
ixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o checksum.o
spp_t=
cp_stream2.o sp_reference.o sp_ip_fragbits.o spp_anomsensor.o tag.o
spp_uni=
decode.o codes.o strlcpyu.o strlcatu.o debug.o sp_tcp_win_check.o
spp_rpc_d=
ecode.o spp_bo.o spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o
sp_p=
riority.o sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o
spp_str=
eam4.o spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o
spo_log_null.o=
-lz -lpcap -lm -lnsl -lmysqlclient -lsnmp</FONT></P>
<P><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(keytools.o):
In f=
unction `generate_Ku':</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools=
.c:124: undefined reference to `EVP_md5'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools=
.c:126: undefined reference to `EVP_sha1'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools=
.c:126: undefined reference to `EVP_DigestInit'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools=
.c:141: undefined reference to `EVP_DigestUpdate'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/keytools=
.c:153: undefined reference to `EVP_DigestFinal'</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In
fun=
ction `sc_random':</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
150: undefined reference to `RAND_bytes'</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In
fun=
ction `sc_generate_keyed_hash':</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
255: undefined reference to `EVP_md5'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
258: undefined reference to `EVP_sha1'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
258: undefined reference to `HMAC'</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In
fun=
ction `sc_hash':</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
345: undefined reference to `EVP_md5'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
348: undefined reference to `EVP_sha1'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
348: undefined reference to `EVP_DigestInit'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
353: undefined reference to `EVP_DigestUpdate'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
354: undefined reference to `EVP_DigestFinal'</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In
fun=
ction `sc_encrypt':</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
592: undefined reference to `des_key_sched'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
596: undefined reference to `des_ncbc_encrypt'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
600: undefined reference to `des_ncbc_encrypt'</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">/usr/local/lib/libsnmp.a(scapi.o): In
fun=
ction `sc_decrypt':</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
715: undefined reference to `des_key_sched'</FONT>
<BR><FONT SIZE=3D2
FACE=3D"Arial">/packages/ucd-snmp-4.2.2/snmplib/scapi.c:=
718: undefined reference to `des_cbc_encrypt'</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">collect2: ld returned 1 exit
status</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">make: *** [snort] Error 1</FONT>
</P>
<P><FONT SIZE=3D2 FACE=3D"Arial">Any clues as to why it keeps
failing?</FON=
T>
</P>
<BR>
<P><FONT SIZE=3D2 FACE=3D"Arial">Mike Aylor</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">maylor () swbanktx com</FONT>
</P>
<CODE><FONT SIZE=3D3><BR>
<BR>
CONFIDENTIALITY NOTICE:<BR>
<BR>
************************************************************************<BR>
<BR>
The information contained in this ELECTRONIC MAIL transmission<BR>
is confidential. It may also be privileged work product or
proprietary<BR>
information. This information is intended for the exclusive use of
the<BR>
addressee(s). If you are not the intended recipient, you are hereby<BR>
notified that any use, disclosure, dissemination, distribution
[other<BR>
than to the addressee(s)], copying or taking of any action because<BR>
of this information is strictly prohibited.<BR>
<BR>
************************************************************************<BR>
</FONT></CODE></BODY>
</HTML>
------_=_NextPart_001_01C1660C.311C1810--
--__--__--
Message: 2
From: "Federico" <egopfe () hotmail com>
To: <snort-users () lists sourceforge net>
Date: Mon, 5 Nov 2001 16:31:03 +0100
Subject: [Snort-users] Rules bringed with 1.8.2
The Default Rule-Files bringed with snort 1.8.2 give errors with
classtype.... did someone noticed it ?
--__--__--
Message: 3
From: "Alex Rodrigues" <alex () bsbnet com>
To: <snort-users () lists sourceforge net>
Date: Mon, 5 Nov 2001 13:59:43 -0300
Subject: [Snort-users] Acid X portscan
What I have to configure to see all portscans traffic in my Acid?
Thanks.
Alex
--__--__--
Message: 4
From: SkatFiend () aol com
Date: Mon, 5 Nov 2001 11:46:54 EST
To: snort-users () lists sourceforge net
Subject: [Snort-users] New 1.8.2 Win32 Install
Is the snort binary in the new 1.8.2 Win32 install complied for MSSQL
support?
If not is there a static v1.8.2 available with MSSQL support?
Thanks, Cliff Arms
--__--__--
Message: 5
Date: Mon, 05 Nov 2001 09:12:41 -0800
From: "Andrew R. Baker" <andrewb () snort org>
To: ntimm () stingrey com
CC: snort-users () lists sourceforge net
Subject: Re: [Snort-users] barnyard
You probably need to be using a more recent version of Snort. I think
build 84 of Snort is the oldest build that is compatible with barnyard.
Of course you could just upgrade to Snort 1.8.2.
-Andrew
> Neal Timm wrote:
>
> I am getting these errors when using barnyard
> Unable to find SID (2, 3)
> Unable to find SID (0, 1004957390)
> and other similar Unable to fine SID
> It also is not getting the ip address in the alert
> [Priority: 0] {ICMP} 0.0.0.0 -> 1.0.0.0
> First time barnyard user any help would be appreciated.
> Am using snort 1.8.1 on redhat 7.1 with newest version of barnyard of
> snort website.
--__--__--
Message: 6
From: Richard Silver <richard.silver () eamc org>
To: snort-users () lists sourceforge net
Date: 05 Nov 2001 11:30:38 -0600
Subject: [Snort-users] 1.8.2 problem
Just d/l'd and installed 1.8.2 from source. Same procedure I've used for
1.8.0 & 1.8.1. Everything compiles happily, but no matter what I do, it
gives me the following message in my /var/log/messages:
snort: FATAL ERROR: database: The underlying database seems to be
running an older version of the DB schema. Please re-run the appropriate
DB creation script (e.g. create_mysql, create_postgresql, create_oracle)
located in the contrib\ directory.
I went ahead and re-created to see if that was really the problem - no
dice, same message. Re-compiled, same problem. Snort will start just
logging to the local logging facility, but not to MySQL. (And yes, it
does find and compile for MySQL, no errors. Also yes, been thru the FAQ
)
Re-installed 1.8.1 from scratch, using DB I created from 1.8.2
create_mysql script, works fine.
Anyone else seeing this?
Thanks,
Richard
Richard Silver
Sr. Network Engineer
East Alabama Medical Center
--__--__--
Message: 7
To: "Federico" <egopfe () hotmail com>
Cc: <snort-users () lists sourceforge net>
Subject: Re: [Snort-users] Rules bringed with 1.8.2
From: Chris Green <cmg () uab edu>
Reply-To: snort-users () lists sourceforge net
Date: Mon, 05 Nov 2001 11:33:49 -0600
"Federico" <egopfe () hotmail com> writes:
> The Default Rule-Files bringed with snort 1.8.2 give errors with
> classtype.... did someone noticed it ?
I haven't seen this error. What error do you get? Did you install the
new classification.config
--
Chris Green <cmg () uab edu>
Laugh and the world laughs with you, snore and you sleep alone.
--__--__--
Message: 8
Subject: RE: [Snort-users] Compiling snort-1.8.2 with snmp support
Date: Mon, 5 Nov 2001 11:38:08 -0600
From: "Robert D. Hughes" <rob () robhughes com>
To: "Michael Aylor" <maylor () swbanktx com>,
<snort-users () lists sourceforge net>
This is a multi-part message in MIME format.
------_=_NextPart_001_01C16620.A1E90BE4
Content-Type: multipart/alternative;
boundary="----_=_NextPart_002_01C16620.A1E90BE4"
------_=_NextPart_002_01C16620.A1E90BE4
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When you compiled UCD, did you compile in SNMP V3 support? I believe its
the default, but I'm not sure. At any rate, those messages are all
related to V3 stuff.
=20
Rob
- -----Original Message-----
From: Michael Aylor [mailto:maylor () swbanktx com]
Sent: Monday, November 05, 2001 9:12 AM
To: 'snort-users () lists sourceforge net'
Subject: [Snort-users] Compiling snort-1.8.2 with snmp support
Hey all,=20
Apologies if this question has already been asked and answered...=20
I'm trying to compile snort-1.8.2 on a RH7.1 box. I've compiled and
installed ucd-snmp-4.2.2 from source, and subsequently editted the
/etc/ld.so.conf file to include the path /usr/local/lib (and after
saving, I run ldconfig). When I begin the snort config, I use the
switches "./configure --with-mysql --with-snmp". I know that the mysql
portion works because if I just use the --with-mysql and not
--with-snmp, it works fine.
It then runs through the config with no errors. I then run make, and
this is the output it gives me. =20
gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include/pcap
-I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include -DENABLE_SNMP
-g -O2 -Wall -c spo_log_null.c
gcc -g -O2 -Wall -L/usr/lib/mysql -L/usr/local/lib -o snort snort.o
log.o decode.o mstring.o rules.o plugbase.o sp_pattern_match.o
sp_tcp_flag_check.o sp_icmp_type_check.o sp_icmp_code_check.o
sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o sp_tcp_seq_check.o
sp_dsize_check.o spp_http_decode.o spp_portscan.o sp_ipoption_check.o
sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o sp_respond.o
spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o
spp_defrag.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o
spo_alert_unixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o
checksum.o spp_tcp_stream2.o sp_reference.o sp_ip_fragbits.o
spp_anomsensor.o tag.o spp_unidecode.o codes.o strlcpyu.o strlcatu.o
debug.o sp_tcp_win_check.o spp_rpc_decode.o spp_bo.o
spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_priority.o
sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_stream4.o
spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o
-lz -lpcap -lm -lnsl -lmysqlclient -lsnmp
/usr/local/lib/libsnmp.a(keytools.o): In function `generate_Ku':=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:124: undefined reference to
`EVP_md5'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to
`EVP_sha1'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to
`EVP_DigestInit'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:141: undefined reference to
`EVP_DigestUpdate'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:153: undefined reference to
`EVP_DigestFinal'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_random':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:150: undefined reference to
`RAND_bytes'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_generate_keyed_hash':
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:255: undefined reference to
`EVP_md5'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to
`EVP_sha1'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to
`HMAC'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_hash':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:345: undefined reference to
`EVP_md5'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to
`EVP_sha1'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to
`EVP_DigestInit'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:353: undefined reference to
`EVP_DigestUpdate'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:354: undefined reference to
`EVP_DigestFinal'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_encrypt':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:592: undefined reference to
`des_key_sched'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:596: undefined reference to
`des_ncbc_encrypt'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:600: undefined reference to
`des_ncbc_encrypt'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_decrypt':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:715: undefined reference to
`des_key_sched'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:718: undefined reference to
`des_cbc_encrypt'=20
collect2: ld returned 1 exit status=20
make: *** [snort] Error 1=20
Any clues as to why it keeps failing?=20
Mike Aylor=20
maylor () swbanktx com=20
CONFIDENTIALITY NOTICE:
************************************************************************
The information contained in this ELECTRONIC MAIL transmission
is confidential. It may also be privileged work product or proprietary
information. This information is intended for the exclusive use of the
addressee(s). If you are not the intended recipient, you are hereby
notified that any use, disclosure, dissemination, distribution [other
than to the addressee(s)], copying or taking of any action because
of this information is strictly prohibited.
************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQA/AwUBO+bOgOa2P6TrxG1EEQJnvgCgmLlYZ1X7NufaqBSkvIalN8l3vwUAniEy
AIcGjf/R2PYE86ZxDEbbBZqx
=3DZZVJ
-----END PGP SIGNATURE-----
------_=_NextPart_002_01C16620.A1E90BE4
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<TITLE>Compiling snort-1.8.2 with snmp support</TITLE>
<META content=3D"MSHTML 5.50.4807.2300" name=3DGENERATOR></HEAD>
<BODY><PRE>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When you compiled UCD, did you compile in SNMP V3 support? I believe its
=
the default, but I'm not sure. At any rate, those messages are all =
related to V3 stuff.
=20
Rob
- -----Original Message-----
From: Michael Aylor [mailto:maylor () swbanktx com]
Sent: Monday, November 05, 2001 9:12 AM
To: 'snort-users () lists sourceforge net'
Subject: [Snort-users] Compiling snort-1.8.2 with snmp support
Hey all,=20
Apologies if this question has already been asked and answered...=20
I'm trying to compile snort-1.8.2 on a RH7.1 box. I've compiled and =
installed ucd-snmp-4.2.2 from source, and subsequently editted the =
/etc/ld.so.conf file to include the path /usr/local/lib (and after =
saving, I run ldconfig). When I begin the snort config, I use the =
switches "./configure --with-mysql --with-snmp". I know that the mysql
=
portion works because if I just use the --with-mysql and not =
--with-snmp, it works fine.
It then runs through the config with no errors. I then run make, and =
this is the output it gives me. =20
gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include/pcap =
-I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/include -DENABLE_SNMP
=
-g -O2 -Wall -c spo_log_null.c
gcc -g -O2 -Wall -L/usr/lib/mysql -L/usr/local/lib -o snort snort.o =
log.o decode.o mstring.o rules.o plugbase.o sp_pattern_match.o =
sp_tcp_flag_check.o sp_icmp_type_check.o sp_icmp_code_check.o =
sp_ttl_check.o sp_ip_id_check.o sp_tcp_ack_check.o sp_tcp_seq_check.o =
sp_dsize_check.o spp_http_decode.o spp_portscan.o sp_ipoption_check.o =
sp_rpc_check.o sp_icmp_id_check.o sp_icmp_seq_check.o sp_respond.o =
spo_alert_syslog.o spo_log_tcpdump.o spo_database.o sp_session.o =
spp_defrag.o parser.o spo_alert_fast.o spo_alert_full.o spo_alert_smb.o
=
spo_alert_unixsock.o sp_react.o spo_xml.o sp_ip_tos_check.o snprintf.o =
checksum.o spp_tcp_stream2.o sp_reference.o sp_ip_fragbits.o =
spp_anomsensor.o tag.o spp_unidecode.o codes.o strlcpyu.o strlcatu.o =
debug.o sp_tcp_win_check.o spp_rpc_decode.o spp_bo.o =
spp_telnet_negotiation.o spo_csv.o sp_ip_same_check.o sp_priority.o =
sp_ip_proto.o ubi_BinTree.o ubi_SplayTree.o spo_unified.o spp_stream4.o
=
spp_frag2.o spp_arpspoof.o spo_idmef.o spo_SnmpTrap.o spo_log_null.o =
-lz -lpcap -lm -lnsl -lmysqlclient -lsnmp
/usr/local/lib/libsnmp.a(keytools.o): In function `generate_Ku':=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:124: undefined reference to
=
`EVP_md5'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to
=
`EVP_sha1'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:126: undefined reference to
=
`EVP_DigestInit'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:141: undefined reference to
=
`EVP_DigestUpdate'=20
/packages/ucd-snmp-4.2.2/snmplib/keytools.c:153: undefined reference to
=
`EVP_DigestFinal'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_random':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:150: undefined reference to =
`RAND_bytes'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_generate_keyed_hash':
=
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:255: undefined reference to =
`EVP_md5'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to =
`EVP_sha1'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:258: undefined reference to =
`HMAC'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_hash':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:345: undefined reference to =
`EVP_md5'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to =
`EVP_sha1'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:348: undefined reference to =
`EVP_DigestInit'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:353: undefined reference to =
`EVP_DigestUpdate'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:354: undefined reference to =
`EVP_DigestFinal'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_encrypt':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:592: undefined reference to =
`des_key_sched'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:596: undefined reference to =
`des_ncbc_encrypt'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:600: undefined reference to =
`des_ncbc_encrypt'=20
/usr/local/lib/libsnmp.a(scapi.o): In function `sc_decrypt':=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:715: undefined reference to =
`des_key_sched'=20
/packages/ucd-snmp-4.2.2/snmplib/scapi.c:718: undefined reference to =
`des_cbc_encrypt'=20
collect2: ld returned 1 exit status=20
make: *** [snort] Error 1=20
Any clues as to why it keeps failing?=20
Mike Aylor=20
maylor () swbanktx com=20
CONFIDENTIALITY NOTICE:
************************************************************************
The information contained in this ELECTRONIC MAIL transmission
is confidential. It may also be privileged work product or proprietary
information. This information is intended for the exclusive use of the
addressee(s). If you are not the intended recipient, you are hereby
notified that any use, disclosure, dissemination, distribution [other
than to the addressee(s)], copying or taking of any action because
of this information is strictly prohibited.
************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQA/AwUBO+bOgOa2P6TrxG1EEQJnvgCgmLlYZ1X7NufaqBSkvIalN8l3vwUAniEy
AIcGjf/R2PYE86ZxDEbbBZqx
=3DZZVJ
-----END PGP SIGNATURE-----
</PRE></BODY></HTML>
------_=_NextPart_002_01C16620.A1E90BE4--
------_=_NextPart_001_01C16620.A1E90BE4
Content-Type: application/octet-stream;
name="PGPexch.htm.asc"
Content-Transfer-Encoding: base64
Content-Description: PGPexch.htm.asc
Content-Disposition: attachment;
filename="PGPexch.htm.asc"
LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tDQpWZXJzaW9uOiBQR1AgNy4wLjQNCg0Kb3dITldV
dHZHOGtSZGhMc3hZQU9lMHNPQVhvVllQMkFPRU5Tb21YTGxMd1VTYThJVTVRc1VUWU13NkNiTXox
aw0KTDJlNlo3dDdKTkdISU5kY0FnUzVKUUdTQUxrbVFDNzVCVDRHK1FXNUJWa2dDSExmUTRDa3F1
Y2hVclpYTkNDdA0KUTVnV3B4OWZ2YjZxNmFuNTZiVUgzL3ZvTy9lLyt1dFB2dnJ6ZzkvLzYzWFUr
dmk3Zi92VHRkLys3ai8vK01zSg0KZmYzb3g3LzU3OUxHOTM5OXEvMzY0Nit2L2VxajlhLy9QZnI3
SCsvK29QbXpuLytpdTNQMHkxZWYvUE1QUHh5Yg0KYS9pcGY5TGFhL2FmN2JmSlRuKzNTL2FQdHJ1
ZEpsa3V1ZTdUMWFicnR2cXRkR0xOS1pPK29rSnp3Nldnb2V1Mg0KZTh0YlM5ZnJPTHRWMzJrM1du
aTEyKzQzWUVOL3Y5UitmTlI1c3JuY2xNSXdZVXI5YWN5V1NYT3YxMi8zK3B2TA0KaHAwYWQyeWk4
RDd4eGxScFpqYWZjdUhMRTEycVZHdFZpOXp2OUx2dHJhYU1ZaDV5TVNKYVNHVktGZWV1VXlVbg0K
M0l4aElJcUpUdUlZeHV0dXVuenBlcTZGbDByZVhONDl0QmJVbkZyWldidGJYbmVxcStYeU1oRTBZ
cHVmdDN2dA0KZzBaLzcyQ3I3dVkyYk8rMW51SGZWdWZKVnYxd3Y5RWpYa2kxM2x5OWM2Kzh2cnBl
V1MrVmE1Vkt0Vnl1Yk5VZg0KZ2tFa29CN2JiQ2hPUXhBYVNyWDVveko4Z29Cby9vcHRWcmVlanBr
Z1M5ZW5Nb0Y1dEliNTVLalpXaUUrOThuTQ0KS09HQ0hQWjI5OG1UMWR5c0I2UkRoaXprN0JobWpT
Wm16SWpQQXBxRVpnVWdoNGtoblJzUkVkTEFEc1VjMGpDRQ0KaWlsUjFMQVZXQzAxSXhIVG1vNllK
bFF4UXNPUUtCYkN0RStNUkVsTDE3Vkpnc0NwdTJnTStBRk5oajlvL3FWNA0KQVFTa2ZwaVg4S2tZ
NnZqK1ZjZzVrTU4zR0xQZDNXcytlbnkwMTBlaUVJSkNNM0Y3aVFtbG5PeW12dHBoMUdjSw0KNHFN
MlE2UEFhWHdrTmtNV21Ga2QrblFzSTBvUUtCTmN3cytlNGlNT0dVSXlMRHRZM3dhR2JXODlWRExh
cUx2Yg0KVzJTWEErOVpTQnBUTU1GaVBJOG9ENDNjaUNnT2ZhWlBobFJNektrRDVIaVJiVDhFUG1m
YnBmRHBkSVgwNURHTA0KaHFCcXViWkMwRW5rM2thbGF2RWF1OW11dmt6MzNFZ1RLTkZNNmM5Q3Jv
MTJ0RXlVeHdLcFJzd1J6TnpJNVNURA0KTDVpWGliSzZIWjV0ZlVFV1RVa0xkbkFXOWpRSTRQYjlO
ME9aZVhDSFRaR2lLOWtlVW5mM0w5clNpSUVGSXc3OA0KNWdFd25tdnlaY0kwVmlreXBrRDZVRUV3
cDVCRmtJUlVUNEQzQ0VpRkQxOTl3aFR6SGNkNUQzbVliMFpOMFh4SQ0Kb0R4MVp6MEJraWs1MkZs
M0tsYlVVSjQ2S2RraFZ5R1BpeHFBT25DaERSZ01WNG5ubDlCOXBUV25DaUFCVUlXaw0KOFZteEt5
M1BrcUZtWUo0dzRaUXdueHVieGxBVFhHWThOL1Fob01BWEVaQUFkUUwxdVBEQ3hHZDJUVXdoUUlq
aQ0KSmxxNW9mU2dpb2Q4U0c1YVh3UUdXS1RwTWRpMUFrVkhKWUtFUG1MeDBhMWNmVnZJc0NBQndT
MmsxUWt0SitsSw0KM0Fra3NYTWFDT0dOSVN6TGpwdk9Rb0VpcFJMeXBCUk45WmRoZm9GV0wrY3lF
TEpESmtLZUFBbzFGaXBkalp6Qw0KcUo1SU5kR2doRWRSRkFTOVE3NUl0Q2tFejRuSVBZY1Zja2Jj
Q2xUVERDamdncDBWdjR2RGIxVVM2Q0FzeDBvbQ0KbzdFVm05cVlwb0dRVmloVFNpcGRCTC9ZU0NJ
NnlhSnFDY3ZUd2k0VEUwTkJCODFHL0JnY0Y3RlpweXl1NHNqeg0KU0ttMTAzalNIc0FOOTJIbjg4
RU9LWFdjNG92YlN4M0xnb3dmYnV6Uk9KTjFiaWFMVkt2ZGEyeDMyNFBkWjRlUA0KdTdNSUtZOXlu
aFhyOEQ2V0E0NUlhYTlLU2sveDNsUHlVdExFY2dCWk94QkpHRHJlZTVuMlZ0UnVxZ3NmWnZwYQ0K
QmJ2elJNODN5cFN5MmFYOTdVZ0Myc0QvUHZPa3orQkhwSTJDVklCZktnbVpkdEtBeG1FeUdsS05D
M1E4Z0lTQw0KcEJHRGlBTFIweUhqeFlNZ3BLTUJNTiticEdQY2kyQUN6ai9GWU9xQmRBTGx6YTQy
SnB6YkRQLzh1WG1RUUwzSg0KZVN3Y2h0SXd1OUpIbjgwTXhJT3hNVENjbTRnam1GUGFvMkpHcVZq
R21HYXpTQ3IyM2pCb1hpczdOQ3MvUTFNTQ0KSWkxOHUwZ09hTWlVR2VpcFRwMmRrd0IwOTVNb3pr
WjhhdWlaanpYY1JFR2JBaEgxRHhURjdUR2VHOVVjZEVDMQ0KbVI5QWZzMEpqNFlGVmo2V0NINnFa
V0VzbzE0T2NocUZSUmlNMUdjV2l4allZWUlNeWc3ckpNcWNhbU5oQUNlcQ0KNXBBQjNHZUV4d293
TkdFSUI3cHNCeFV5MGt4b3FUSkVRMGZaRkNoWFJBei8yQzFHaFY0OFRmS2YxQ1NXdThOaw0KZEVh
U0V5N09SU01ONUZ6OGh6TFhtWVZ3QUJnSU5wS0dVNU82SEYzZzZlTlpjZ3cwSEp0bkl3K09rSXFi
YVdGYQ0KcktSQjFHVElCOXRjOUJWajJkVmhITkpwZHAxSEFNd0xPUE16TFZLdnJXVlg2S1JxN2lF
VnczSVpaRnB4UDJMQg0KRE13aDFIUjRQTWs1VkpRV21TZDkrQXErV09YZ1R3UmZvY05peXBZTUR3
N1p3cVNGSThSYnhPSkZhYjdNNEJmMw0KTy9UbWhFMk5sQ0dFN05ZRzZRZ1NKTUt6dHpBRWZEbGln
dUU1ZmZBb3ViRlJIRUR3d0hSZXpzd1IwNDBoK2ZFMA0KNzg2ZkYxejhpZElMbVI0Y0JOYzJTQ0ln
WWVBVzU1T0NoWGd3c0JxMG4rd1BJcjkyNDJxRTM3bFl1QjdUeW9lVA0KM3VJQVpqcUNtNnZSWWEy
eXFBNUhNVlE5ZGpWYTFGWVgxZUloUHJZc3JzUzdXQS8zazVpL1FmbVgyaHNvT1BISQ0KNkl6c05x
L2VKbVpSTzFOUmFHUjV3Nks5dzlDWEI0MWVhekNjR3FhdnlqN3JTN0N4eUdxSUFmTUg4QWd5dnNU
cw0KemcydTFtcmZjbXFmU2I3N2JlZjF3cUozZGh2TmJ4YTdlR3p0YzhnNS9sNVJNRmZYUGxRd1Y5
YytXREFYRW4wVg0KRmJwUVlQSENlTm5sK1V5RnRmK2IyZ3h5MVRRMlYxQ2NhL2VxMzF5YzRWQ0wx
WEtnNFZqcFg3NlhhL2N1T0F1Zw0KZk9FTnozeHc2U3JjS1pldlNvWDNqelE4QUZ4UnBOY3J0UThh
NmZYSzNZdmR2TENYTSttZURFUG1HZUJ3aUpBbQ0KVVlpZHR2YllLVGZ3Q0FiUFgzb1JLR3o3YkpE
YnQyK1Q1N2J0OElLMHNVTmtvU3J2MC9JVVUrS0ZDYmIwTmRwMg0KTXA1aTEyakNXS3hodWUzTlBw
aUxMbUNpWWhmZzd2SUpTenZTaTRibUxjM3FXVHZxemIxV093TW9kcTF1NVoxaA0KMjUxcXRYdjlU
cVBiNlQrelMzcDcvVTZ6dlpFdnVYMUpueHl2bjNVdHVRaWtpdXlEcm4xVFJDMWpiRnVUYTlMdQ0K
dHB2OWc3MWVwMGwyRzUwdU1mam1LK0syRllFb3NNUzIrM3g0WkFTUHBDMjFqaUhnRGtKRExjbVFF
WGd3UHVZaA0KR3dFc05ocmhXdnFKWndqRUczN0NMRE5VVFMzYW1TNE82YVA4OHhwaWp4RGZadmtB
QnFPMlc4aE9nUUthSHpQYg0KK0pUWSsyYUlSbjFmTWEwWnU2bHZPYVFUMkRkTXR1V3RtRzJENHVZ
Q1RUR1B4L2prdTJMWDRab3hKTTNRS2dhcg0KN2RONTJvbkY5MG9nYXNXQytWeDdvY1IzVHZnYUM4
UkZjSU5DWGUybFVYeVlXTTJmU3hDbkVBd3dCSklWeGMvcQ0KK0NJRjlHUnNlK3BvSFozWVg0RVZT
ZFBLbGZWN0VVbG1mZjV6SGtLcEhqYkdiYWRPeVRFZmNzTjg1MHFvNU02OA0KU2lvNkJTbmJYZnND
c2U3YU42TkwxLzhIDQo9N3F6Qg0KLS0tLS1FTkQgUEdQIE1FU1NBR0UtLS0tLQ0K
------_=_NextPart_001_01C16620.A1E90BE4--
--__--__--
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-users
End of Snort-users Digest
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Compiling snort-1.8.2 with snmp support Michael Aylor (Nov 05)
- <Possible follow-ups>
- RE: Compiling snort-1.8.2 with snmp support Robert D. Hughes (Nov 05)
- Compiling snort-1.8.2 with snmp support Kyley . Stabenow (Nov 05)
- RE: Compiling snort-1.8.2 with snmp support Michael Aylor (Nov 06)