Snort mailing list archives

Updating Snort

From: Nathan Hicks <NHicks () telpay ca>
Date: Mon, 22 Apr 2019 15:57:14 +0000

Hi,

We're using Snort as an IDS. So Snort, PulledPork, Barnyard2 and Snorby for the web interface. I'm having an issue 
where the snorby page isn't updating with detected events.
Everything else appears to be running properly, but when I try to start Snort, I get:

"ERROR: /etc/snort/rules/snort.rules(9243): unknown modifier "bitmask 0x8000"
Fatal Error, Quitting.."

I believe this is because we're using a very old version of Snort. I'd like to update all the components, but there 
doesn't appear to be any documentation that explains how to do that.

I'm a complete beginner at this stuff. Previous admin set it up and I'm just trying to figure it out - so any help is 
greatly appreciated.

Thanks,
Nathan

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Current thread:

Updating Snort Nathan Hicks (Apr 22)
- Re: Updating Snort Mark W. Jeanmougin via Snort-users (Apr 22)
- Re: Updating Snort Joel Esler (jesler) via Snort-users (Apr 22)