Snort mailing list archives
Re: Snort Beta v2.6
From: Jason Brvenik <jasonb () sourcefire com>
Date: Mon, 20 Mar 2006 19:51:58 -0500
A few questions. Did you build with --enable-dynamicplugin Install using make install? Ensure that the plugins are located in is valid for shared objects? you can also use --dynamic-preprocessor-lib-dir on the command line to specify the path the plugins are located in. There is a config file param that will also work for this. Ron Jenkins wrote:
Is anyone else having these problems? / / /ERROR: /etc/snort/snort.conf(519) unknown preprocessor "ftp_telnet" Fatal Error, Quitting.. ERROR: /etc/snort/snort.conf(523) unknown preprocessor "ftp_telnet_protocol" Fatal Error, Quitting.. ERROR: /etc/snort/snort.conf(571) unknown preprocessor "smtp" Fatal Error, Quitting.. Rule application order: ->activation->dynamic->pass->drop->alert->log Log directory = /var/log/snort Verifying Preprocessor Configurations! Warning: flowbits key 'trojan' is set but not ever checked. Warning: flowbits key 'dce.bind.veritas' is set but not ever checked. Warning: flowbits key 'dce.isystemactivator.bind.call.attempt' is set but not ever checked. Warning: flowbits key 'http.jpeg' is checked but not ever set. Warning: flowbits key 'realplayer.playlist' is checked but not ever set. Warning: flowbits key 'ms_sql_seen_dns' is checked but not ever set. Warning: flowbits key 'netbios.lsass.bind.attempt' is checked but not ever set./ / / / / /After a short period of time snort exits with the following: Not Using PCAP_FRAMES/ Also, the server drive becomes very busy. Thanks… Ron Jenkins (SnortCP, MCNE, CNE6, MCP, CCNA, CCEA) Senior Architect Data Integrity, LLC "We Integrate People with Solutions" 1724 Dallas Drive Suite 11 Baton Rouge, La 70806 Office. 225.927.8030 Fax. 225.927.8033 Cell225.931.1632 Email. rjenkins () dibr net Web. http://www.dibr.net (Aanval Reseller and Technology Partner) http://www.aanval.com/tour/dibr
------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Beta v2.6 Ron Jenkins (Mar 20)
- Re: Snort Beta v2.6 Will Metcalf (Mar 20)
- Re: Snort Beta v2.6 Jason Brvenik (Mar 20)
- <Possible follow-ups>
- RE: Snort Beta v2.6 Ron Jenkins (Mar 20)
- Re: [RGSPAM] RE: Snort Beta v2.6 Jason Brvenik (Mar 20)