Snort mailing list archives
Re: snort installation error
From: Nick Moore <nmoore () sourcefire com>
Date: Tue, 10 Aug 2010 06:48:14 -0500
Jun, I would edit /etc/snort/rules/community-smtp.rules and comment out line 13. After that, I would search for !any in all my rules files to make sure there weren't any more of them. Hope this helps and happy snorting! Nick On Tue, Aug 10, 2010 at 5:49 AM, Jun Wan <junwei_wan () hotmail com> wrote:
Hi, I installed SNORT on a fresh Ubuntu 10.04 by following http://it.thelibrarie.com/weblog/?p=515 snort -c /etc/snort/snort.conf -i eth0 I get the following: Running in IDS mode --== Initializing Snort ==-- Initializing Output Plugins! Initializing Preprocessors! Initializing Plug-ins ....pls see the attached details of "Snort installation error.rtf"... +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... Warning: /etc/snort/rules/dos.rules(42) => threshold (in rule) is deprecated; use detection_filter instead. ERROR: /etc/snort/rules/community-smtp.rules(13) => !any is not allowed Fatal Error, Quitting.. Can't find much info via "google", so I would like to have your help. Any info and help would be much appreciated. Thanks for your patience with my many Snort questions. Regards John ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Nick Moore, SFCE, CISSP, CISA Sr. Systems Engineer Voice 708-336-9041 Email nick.moore () sourcefire com IM nickgmoore (Yahoo) nickgmoore38 (AIM) ,,_ o" )~ Sourcefire - The Creators of Snort '''' www.sourcefire.com www.snort.org
------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort installation error Jun Wan (Aug 10)
- Re: snort installation error Sylvain Chillaud (Aug 10)
- Re: snort installation error Joel Esler (Aug 10)
- pulledpork re-organizing rules? Billy Marshall (Aug 10)
- Re: pulledpork re-organizing rules? Joel Esler (Aug 10)
- Re: pulledpork re-organizing rules? JJC (Aug 10)
- Re: pulledpork re-organizing rules? Billy Marshall (Aug 10)
- snort version 2.8.6.1 with 2.8.6.0 rules Billy Marshall (Aug 10)
- Re: snort version 2.8.6.1 with 2.8.6.0 rules Ryan Jordan (Aug 10)
- Re: snort installation error Joel Esler (Aug 10)
- Re: snort installation error Sylvain Chillaud (Aug 10)
- Re: snort installation error Edward Bjarte Fjellskål (Aug 10)