RE: [Snort-users] Snort IDS

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C3BF52.2261BCC0
Content-Type: text/plain;
charset="iso-8859-1"

Well, I found the problem. IDScenter is a little buggy and tries to change
the path on the classification.config file back to it's original state. Even
after changing it and saving it, if you close IDS and re-open it, it seems
to want to default back to the old path which is nothing.

D'oh!


Darwin L. Lambeth

Network Administrator

FPMI/Star Mountain

dlambeth@starmountain.com

210-822-0770 EXT 246


-----Original Message-----
From: Matt Kettler [mailto:mkettler@evi-inc.com]
Sent: Wednesday, December 10, 2003 1:04 PM
To: Lambeth, Darwin; 'snort-users@lists.sourceforge.net'
Subject: Re: [Snort-users] Snort IDS

At 01:22 PM 12/10/2003, Lambeth, Darwin wrote:
>Rule configuration wizard: Set a classification configuration file
>
>What does this mean?

exactly what it means.. you need a classfication.config (one of the files
that comes with SA).

------_=_NextPart_001_01C3BF52.2261BCC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: [Snort-users] Snort IDS</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>Well, I found the problem. IDScenter is a little =
buggy and tries to change the path on the classification.config file =
back to it's original state. Even after changing it and saving it, if =
you close IDS and re-open it, it seems to want to default back to the =
old path which is nothing.</FONT></P>

<P><FONT SIZE=3D2>D'oh!</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>Darwin L. Lambeth</FONT>
</P>

<P><FONT SIZE=3D2>Network Administrator</FONT>
</P>

<P><FONT SIZE=3D2>FPMI/Star Mountain</FONT>
</P>

<P><FONT SIZE=3D2>dlambeth@starmountain.com</FONT>
</P>

<P><FONT SIZE=3D2>210-822-0770 EXT 246</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Matt Kettler [<A =
HREF=3D"mailto:mkettler@evi-inc.com">mailto:mkettler@evi-inc.com</A>] =
</FONT>
<BR><FONT SIZE=3D2>Sent: Wednesday, December 10, 2003 1:04 PM</FONT>
<BR><FONT SIZE=3D2>To: Lambeth, Darwin; =
'snort-users@lists.sourceforge.net'</FONT>
<BR><FONT SIZE=3D2>Subject: Re: [Snort-users] Snort IDS</FONT>
</P>

<P><FONT SIZE=3D2>At 01:22 PM 12/10/2003, Lambeth, Darwin wrote:</FONT>
<BR><FONT SIZE=3D2>&gt;Rule configuration wizard: Set a classification =
configuration file</FONT>
<BR><FONT SIZE=3D2>&gt;</FONT>
<BR><FONT SIZE=3D2>&gt;What does this mean?</FONT>
</P>

<P><FONT SIZE=3D2>exactly what it means.. you need a =
classfication.config (one of the files </FONT>
<BR><FONT SIZE=3D2>that comes with SA).</FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C3BF52.2261BCC0--


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users