Snort mailing list archives
Re: Snort Start up error
From: Joel Esler <jesler () sourcefire com>
Date: Thu, 18 Apr 2013 18:35:24 -0400
On Thu, Apr 18, 2013 at 06:25:18PM -0400, beenph wrote:
On Thu, Apr 18, 2013 at 6:13 PM, waldo kitty <wkitty42 () windstream net> wrote:On 4/18/2013 17:38, Said Nurhussein wrote:thanks Waldo. I have classification.config in /etc/snort.conf from the install but don't see version# when I display it.there is no version number in the classification.config file that i'm aware of... the file should be just over 3K bytes in size and contain roughly 70 lines... one of those lines should contain the misc-activity classification entry... the entry you are looking for will likely be toward the bottom in the "# NEW CLASSIFICATIONS" section...> Date: Thu, 18 Apr 2013 13:18:16 -0400 > From: wkitty42 () windstream net > To: snort-users () lists sourceforge net > Subject: Re: [Snort-users] Snort Start up error > > On 4/18/2013 11:23, Said Nurhussein wrote: > > Hello All, > > I've installed snort 2.9.4. 5 and using rules files snortrules-snapshot-2941.tar.gz > > but when i try to start snort I get the following error. > > > > ERROR: /etc/snort/rules/blacklist.rules(2) Unknown ClassType: misc-activity > > Fatal Error, Quitting.. > > > > How can I fix this. >Said, You can get updated classification.config here http://labs.snort.org/snort/2945/ This should fix your issue.
Have to make sure that your include statement is correct as well, make sure that you are pointing to the right classification.config in your Snort.conf -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Start up error Said Nurhussein (Apr 18)
- Re: Snort Start up error waldo kitty (Apr 18)
- Message not available
- Re: Snort Start up error waldo kitty (Apr 18)
- Re: Snort Start up error beenph (Apr 18)
- Re: Snort Start up error Joel Esler (Apr 18)
- Message not available
- Re: Snort Start up error waldo kitty (Apr 18)
- Message not available
- Message not available
- Message not available
- Re: Snort Start up error waldo kitty (Apr 18)
- Re: Snort Start up error Said Nurhussein (Apr 18)
- Re: Snort Start up error waldo kitty (Apr 18)
- Re: Snort Start up error Said Nurhussein (Apr 18)
- Re: Snort Start up error waldo kitty (Apr 19)
- Re: Snort not seeing IP-traffic, just Ether/Other Glenn Geller (Apr 18)
- Re: Snort not seeing IP-traffic, just Ether/Other James Lay (Apr 18)
- Re: Snort not seeing IP-traffic, just Ether/Other Kim.Halavakoski () Crosskey fi (Apr 18)
- Re: Snort not seeing IP-traffic, just Ether/Other Eoin Miller (Apr 18)