Snort mailing list archives
misc errors
From: "Michael J. McCasland" <mjm () eitsystems com>
Date: Mon, 03 Feb 2003 22:17:10 -0500
Running redhat 7.3 w/ snort 1.9, using IDS policy manager to manage rules/configs. 2 IDS machines hosting three instances running on different nics - total 6 sensors
Using Postgress DB and SNMP Output for alerting in /var/log/messages: On machine 1-sensor 1-3: database: Problem inserting a new signature 'WEB-MISC robots.txt access'database: warning (SELECT sig_id FROM signature WHERE sig_name = ' WEB-MISC robots.txt acces.
....., Many lines of DB errors. On Machine 2-sensor 4-6: Getting snort:Warning: /etc/snort/eules4/rpc.rules(85) => Uknown keyword 'byte_jump' in rules! Warning: /etc/snort/rules6/rpc.rules(85) => Unknown keyword 'byte_test' in rule!
This is repeated multiple times for each sensor and many rules.Any ideas? Please help - seems as if the new rules downloaded do not jive for niether the DB or the rule proccessing engine?????
-mike mccasland ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- misc errors Michael J. McCasland (Feb 03)