Re: [Snort-users] snort 2.02 cant start automactically
This is a discussion on Re: [Snort-users] snort 2.02 cant start automactically within the Snort forums, part of the System Security and Security Related category; "th0ri4.wang" <th0ri4@yahoo.com.cn> writes: > hi, > > > > i have a ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-30-2004
|
|||
|
|||
Re: [Snort-users] snort 2.02 cant start automactically
"th0ri4.wang" <th0ri4@yahoo.com.cn> writes:
> hi, > > > > i have a debian woody box, i have copied the file S99snort to > /etc/init.d/snort,and create a symbol link at rc3.d. then i > > reboot my box, the following lines traped me: > > ---------------------------------------------------------------------- > ---------------------------------- > > Aug 23 18:15:29 andreas kernel: TCP: Hash tables configured > (established 4096 b > nd 4096) > Aug 23 18:15:29 andreas kernel: NET4: Unix domain sockets 1.0/SMP for > Linux NET > .0. > Aug 23 18:15:29 andreas kernel: ds: no socket drivers loaded! > Aug 23 18:15:29 andreas kernel: VFS: Mounted root (ext2 filesystem) > readonly. > Aug 23 18:15:29 andreas kernel: Freeing unused kernel memory: 188k > freed > Aug 23 18:15:29 andreas kernel: Adding Swap: 771048k swap-space > (priority -1) > Aug 23 18:15:32 andreas kernel: eth0: Promiscuous mode enabled. > Aug 23 18:15:32 andreas kernel: device eth0 entered promiscuous mode > Aug 23 18:15:33 andreas kernel: device eth0 left promiscuous mode > > ---------------------------------------------------------------------- > ----------------------------------- > > when the script get snort start, it immediately down and left > promiscuous mode, but when i use this command: What does it say in /var/log/messages ? eg. this is part of a successful start up - yours might be 'snort' instead of 'snort-pgsql': Aug 31 03:58:03 it023072 snort-pgsql: alert_large_fragments: ACTIVE Aug 31 03:58:03 it023072 snort-pgsql: alert_incomplete: ACTIVE Aug 31 03:58:03 it023072 snort-pgsql: alert_multiple_requests: ACTIVE Aug 31 03:58:03 it023072 snort-pgsql: telnet_decode arguments: Aug 31 03:58:03 it023072 snort-pgsql: Ports to decode telnet on: 21 23 25 119 Aug 31 03:58:03 it023072 postgres[5595]: [1] LOG: connection received: host=130.123.107.157 port=36152 Aug 31 03:58:03 it023072 postgres[5595]: [2] LOG: connection authorized: user=snort_db_user database=snort Aug 31 03:58:05 it023072 snort-pgsql: Warning: flowbits key 'realplayer.playlist' is checked but not ever set. Aug 31 03:58:05 it023072 snort-pgsql: Snort initialization completed successfully cheers, Jamie -- James Riden / j.riden@massey.ac.nz / Systems Security Engineer Information Technology Services, Massey University, NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/ ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
