Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort dies

From: Erek Adams <erek () theadamsfamily net>
Date: Wed, 6 Nov 2002 14:59:02 -0800 (PST)
On Wed, 6 Nov 2002, Cesar Andres Navarrete R. wrote:


Hi im kind of newbie using snort, im used, the enterprise guide, to
install snort with acid, snort center and rh 7.3.
The daemon starts but after some time the daemon suddenly die also in
/var/log/snort appears an alert 2gb file.
Also with snortcenter I try to start the daemon again and the script
throws something like "couldn?t find the config file for snort."
/root/.snortrc or something like that. Im using the same line wich I
used in  snortd at /etc/rc.d/init.d at the snort line command.



Sounds like you have more than one problem.  I'm guessing at these, but...


1)  You're using an OS that does not handle files larger than 2GB.  On
some OS'es, you can simply tweak the kernel and then recompile it.  At
that point, all should be well.

2)  It sounds like you aren't specifying the config file in the command
line.  If you command line looks something like "snort <options> -c
/path/to/snort.conf" then all should work.  I'm guessing that you dont'
have the -c option and that you don't have one of the 'default' [0] snort
files created.

Hope that helps!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


[0]     http://marc.theaimsgroup.com/?l=snort-users&m=103653677715182&w=2



-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: