Re: [Snort-users] New user to Snort- Having errors

From: Joel Esler <eslerj_at_nospam>
Date: Sat Nov 29 2008 - 13:10:52 GMT
To: Arun Patil <arunpatil123456@gmail.com>

On Nov 28, 2008, at 4:21 PM, Arun Patil wrote:

> Hi,
> I am a new user to snort but facing few problems.
> Whenver I give the command snort -v, I get the following message and
> the screen gets paused.
> D:\Snort\bin>snort -v
> Running in packet dump mode
>
> --== Initializing Snort ==--
> Initializing Output Plugins!
> Verifying Preprocessor Configurations!
> ***
> *** interface device lookup found: \
> ***
>
> Initializing Network Interface \Device\NPF_GenericDialupAdapter
> Decoding Ethernet on interface \Device\NPF_GenericDialupAdapter
>
> --== Initialization Complete ==--
>
> ,,_ -*> Snort! <*-
> o" )~ Version 2.8.3.1-ODBC-MySQL-FlexRESP-WIN32 GRE (Build 17)
> '''' By Martin Roesch & The Snort Team: http://www.snort.org/team.html
> (C) Copyright 1998-2008 Sourcefire Inc., et al.
> Using PCRE version: 7.4 2007-09-21
>
> Not Using PCAP_FRAMES
>

You are telling Snort to monitor in your dialup interface.

You need to specify which interface you want Snort to sniff on by using the "-i" command line tag. Try "snort -v -i 2"

Joel

This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

This message: [ Message body ]
Previous message: Arun Patil: "[Snort-users] New user to Snort- Having errors"
In reply to: Arun Patil: "[Snort-users] New user to Snort- Having errors"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]