snort使用过程中的几个问题！请兄弟帮忙解决一下！！

zwlww · 发表于 2003-3-2 22:27:08

1、snort-lib 默认的安装位置？

2、下面问题不解？
[root@RedHalt root]# snort -vn 3
Initializing Output Plugins!
Log directory = /var/log/snort

Initializing Network Interface eth0

--== Initializing Snort ==--
Decoding Ethernet on interface eth0

--== Initialization Complete ==--

-*> Snort! <*-
Version 1.9.0 (Build 209)
By Martin Roesch (roesch@sourcefire.com, www.snort.org)
03/02-09:58:45.136896 192.168.0.6:1082 -> 211.49.58.179:12000
TCP TTL:128 TOS:0x0 ID:22136 IpLen:20 DgmLen:53 DF
***AP*** Seq: 0x573B34 Ack: 0xA90DCDB Win: 0x2211 TcpLen: 20
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/02-09:58:45.138770 61.183.29.47:27015 -> 192.168.0.12:27005
UDP TTL:126 TOS:0x0 ID:59113 IpLen:20 DgmLen:205
Len: 185
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/02-09:58:45.147043 192.168.0.14:1030 -> 61.184.66.76:7200
TCP TTL:64 TOS:0x0 ID:9484 IpLen:20 DgmLen:59
***AP*** Seq: 0x1BD6E Ack: 0xDEC6E972 Win: 0x20A5 TcpLen: 20
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

Run time for packet processing was 0.27770 seconds

===============================================================================
Snort analyzed 3 out of 3 packets, dropping 0(0.000%) packets

Breakdown by protocol: Action Stats:
TCP: 2 (66.667%) ALERTS: 0
UDP: 1 (33.333%) LOGGED: 0
ICMP: 0 (0.000%) PASSED: 0
ARP: 0 (0.000%)
EAPOL: 0 (0.000%)
IPv6: 0 (0.000%)
IPX: 0 (0.000%)
OTHER: 0 (0.000%)
DISCARD: 0 (0.000%)
===============================================================================
Wireless Stats:
Breakdown by type:
Management Packets: 0 (0.000%)
Control Packets: 0 (0.000%)
Data Packets: 0 (0.000%)
===============================================================================
Fragmentation Stats:
Fragmented IP Packets: 0 (0.000%)
Fragment Trackers: 0
Rebuilt IP Packets: 0
Frag elements used: 0
Discarded(incomplete): 0
Discarded(timeout): 0
Frag2 memory faults: 0
===============================================================================
TCP Stream Reassembly Stats:
TCP Packets Used: 0 (0.000%)
Stream Trackers: 0
Stream flushes: 0
Segments used: 0
Stream4 Memory Faults: 0
===============================================================================
Snort received signal 3, exiting
[root@RedHalt root]# snort -d
Initializing Output Plugins!
Log directory = /var/log/snort

Initializing Network Interface eth0
using config file /root/.snortrc
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file /root/.snortrc

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
ERROR: Unable to open rules file: /root/.snortrc or /root//root/.snortrc
Fatal Error, Quitting..
[root@RedHalt root]#

单独用-d选项和其它几个选项都出现如下问题!!

zwlww · 发表于 2003-3-3 21:03:45

踢一下！请兄弟们帮下啦！！！

Deadforg · 发表于 2003-4-27 20:22:25

我无法安2。0版的请兄先帮我
在rh9.0下出错
./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... configure: error: newly created file is older than distributed files!
Check your system clock

Deadforg · 发表于 2003-4-28 19:59:01

兄弟在吗

		自动登录	找回密码
密码			注册