Snort mailing list archives
Problem About running Snort
From: Agbede Bunmi Michael <bunmiemich4chelsea () yahoo com>
Date: Fri, 16 Dec 2011 05:13:43 -0800 (PST)
My snort is giving the following error messages, please I really need your help. The output on the command prompt is as follows: Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\Bunmiemich>cd/ C:\>cd snort\bin C:\Snort\bin>snort -d -T ERROR: Test mode must be run with a snort configuration file. Use the '-c' opti on on the command line to specify a configuration file. Fatal Error, Quitting.. Could not create the registry key. C:\Snort\bin>snort -d Running in packet dump mode --== Initializing Snort ==-- Initializing Output Plugins! pcap DAQ configured to passive. Acquiring network traffic from "\Device\NPF_{AEC4E4C6-375B-4FA8-9C97-51E881A1D60 8}". Decoding Ethernet --== Initialization Complete ==-- ,,_ -*> Snort! <*- o" )~ Version 2.9.0.5-ODBC-MySQL-FlexRESP-WIN32 GRE (Build 135) '''' By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-t eam Copyright (C) 1998-2011 Sourcefire, Inc., et al. Using PCRE version: 8.10 2010-06-25 Using ZLIB version: 1.2.3 Commencing packet processing (pid=5872) *** Caught Int-Signal =============================================================================== Run time for packet processing was 22.1000 seconds Snort processed 0 packets. Snort ran for 0 days 0 hours 0 minutes 22 seconds Pkts/sec: 0 =============================================================================== Packet I/O Totals: Received: 0 Analyzed: 0 ( 0.000%) Dropped: 0 ( 0.000%) Filtered: 0 ( 0.000%) Outstanding: 0 ( 0.000%) Injected: 0 =============================================================================== Breakdown by protocol (includes rebuilt packets): Eth: 0 ( 0.000%) VLAN: 0 ( 0.000%) IP4: 0 ( 0.000%) Frag: 0 ( 0.000%) ICMP: 0 ( 0.000%) UDP: 0 ( 0.000%) TCP: 0 ( 0.000%) IP6: 0 ( 0.000%) IP6 Ext: 0 ( 0.000%) IP6 Opts: 0 ( 0.000%) Frag6: 0 ( 0.000%) ICMP6: 0 ( 0.000%) UDP6: 0 ( 0.000%) TCP6: 0 ( 0.000%) Teredo: 0 ( 0.000%) ICMP-IP: 0 ( 0.000%) EAPOL: 0 ( 0.000%) IP4/IP4: 0 ( 0.000%) IP4/IP6: 0 ( 0.000%) IP6/IP4: 0 ( 0.000%) IP6/IP6: 0 ( 0.000%) GRE: 0 ( 0.000%) GRE Eth: 0 ( 0.000%) GRE VLAN: 0 ( 0.000%) GRE IP4: 0 ( 0.000%) GRE IP6: 0 ( 0.000%) GRE IP6 Ext: 0 ( 0.000%) GRE PPTP: 0 ( 0.000%) GRE ARP: 0 ( 0.000%) GRE IPX: 0 ( 0.000%) GRE Loop: 0 ( 0.000%) MPLS: 0 ( 0.000%) ARP: 0 ( 0.000%) IPX: 0 ( 0.000%) Eth Loop: 0 ( 0.000%) Eth Disc: 0 ( 0.000%) IP4 Disc: 0 ( 0.000%) IP6 Disc: 0 ( 0.000%) TCP Disc: 0 ( 0.000%) UDP Disc: 0 ( 0.000%) ICMP Disc: 0 ( 0.000%) All Discard: 0 ( 0.000%) Other: 0 ( 0.000%) Bad Chk Sum: 0 ( 0.000%) Bad TTL: 0 ( 0.000%) S5 G 1: 0 ( 0.000%) S5 G 2: 0 ( 0.000%) Total: 0 =============================================================================== Snort exiting C:\Snort\bin>snort -A console -i2 -c C:\snort\etc\snort.conf -l C:\log\ -K ascii -T Running in Test mode --== Initializing Snort ==-- Initializing Output Plugins! Initializing Preprocessors! Initializing Plug-ins! Parsing Rules file "C:\snort\etc\snort.conf" ERROR: C:\snort\etc\snort.conf(39) Unknown rule type: ipvar. Fatal Error, Quitting.. Could not create the registry key. C:\Snort\bin> Please am using Snort for my work in school and it's very important I resolve this problem. Thanks very much.
------------------------------------------------------------------------------ Learn Windows Azure Live! Tuesday, Dec 13, 2011 Microsoft is holding a special Learn Windows Azure training event for developers. It will provide a great way to learn Windows Azure and what it provides. You can attend the event by watching it streamed LIVE online. Learn more at http://p.sf.net/sfu/ms-windowsazure
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Problem About running Snort Agbede Bunmi Michael (Dec 16)