Snort mailing list archives

Re: Re[3]: -T option error

From: "AJ Butcher, Information Systems and Computing" <Alex.Butcher () bristol ac uk>
Date: Thu, 25 Mar 2004 10:06:32 +0000



--On 12 February 2004 00:09 +0300 crazy <crazy_smile () mail ru> wrote:

Tell us this:  HOW is it _not_ working?  I'm running about 3 different
2.x versions in my test setup, and -T works just fine.  In fact, I just
grabbed the latest CVS and built it.  Works just dandy--config file
checked and everything...

I am trying to make snort-2.1.1-RC1 to work together with SnortCenter.
(SnortCenter - Snort management console http://users.pandora.be/larc/ )

Snortcenter v1.0-RC1 is substantially out of step with the current Snort2.0.x and 2.1.x releases. It will lose parts of certain rules. Althoughit's likely this isn't the cause of your problems, it's something to bearin mind.

The good news is that Jason Alexander has forked it to create Snortcenter2<http://sourceforge.net/projects/snortcenter2> which aims to be fullycompatible with more recent versions of snort. If you pull the current CVS,it should work with Snort 2.0.6, and nearly work with Snort 2.1 (it'lltrash one of the current 2.1 rules).


I don't think Jason will mind me saying contributors are welcome.

When I run

snort -T -i eth0 -c /etc/snort/snort.eth0.conf

situation is the same when I run

snort -i eth0 -c /etc/snort/snort.eth0.conf

I thought that when "-T" option is used snort do not run and return
errors or no errors. But in my case snort runs.


Try:

       /path/to/snort -T -c /etc/snort/snort.eth0.conf

If that doesn't work, show us the output.

Pasha


Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Re: Re[2]: -T option error, (continued)
- - - Re: Re[2]: -T option error Drew Smith (Feb 11)
    - Re: Re[2]: -T option error Erek Adams (Feb 11)
    - Re[3]: -T option error crazy (Feb 12)
    - Re[3]: -T option error Erek Adams (Feb 11)
    - Re[4]: -T option error crazy (Feb 12)
    - Re[4]: -T option error Erek Adams (Feb 13)
    - Message not available
    - Re[6]: -T option error crazy (Feb 16)
    - Integrate Snort with Remedy, Anyone Please??? Snortty (Feb 12)
    - Re: Integrate Snort with Remedy, Anyone Please??? Owen McCusker (Feb 12)
    - Re: Integrate Snort with Remedy, Anyone Please??? Jeff Nathan (Feb 12)
    - Re: Re[3]: -T option error AJ Butcher, Information Systems and Computing (Mar 25)
- Re: -T option error Drew Smith (Feb 11)