Snort

Re: [Snort-users] Dynamic Preprocessor Errors

To: "info+lucretia.ca" <info@lucretia.ca>
Subject: Re: [Snort-users] Dynamic Preprocessor Errors
From: Matthew Watchinski <mwatchinski@sourcefire.com>
Date: Wed, 31 Jan 2007 19:46:15 -0500
Cc: snort-users@lists.sourceforge.net
In-reply-to: <000b01c74598$21ff3f30$0201a8c0@alucxp1>
References: <000b01c74598$21ff3f30$0201a8c0@alucxp1>

Did you try the snort.conf snippet I sent to the list?

Cheers,
-matt

info+lucretia.ca wrote:
> Anyone have a solution for this?
> 
> Cheers,
> 
> 
> James Friesen, CIO
> 
>> Thanks for the responses.
> 
>> Yes, these and all the other preprocessors are in this dir
>> and linked.  Here is the output from this dir:
> 
> 
>> sloa@X4ft11:/usr/local/lib/snort_dynamicpreprocessor$ ls -la
>> total 1268
>> drwxr-xr-x 2 root root   4096 2007-01-28 13:57 .
>> drwxr-xr-x 6 root root   4096 2007-01-25 21:12 ..
>> -rw-r--r-- 1 root root 150854 2007-01-28 13:57 libsf_dcerpc_preproc.a
>> -rwxr-xr-x 1 root root    989 2007-01-28 13:57 libsf_dcerpc_preproc.la
>> lrwxrwxrwx 1 root root     29 2007-01-28 13:57 libsf_dcerpc_preproc.so -> libsf_dcerpc_preproc.so.0.0.0
>> lrwxrwxrwx 1 root root     29 2007-01-28 13:57 libsf_dcerpc_preproc.so.0 -> libsf_dcerpc_preproc.so.0.0.0
>> -rwxr-xr-x 1 root root  93883 2007-01-28 13:57 libsf_dcerpc_preproc.so.0.0.0
>> -rw-r--r-- 1 root root  51862 2007-01-28 13:57 libsf_dns_preproc.a
>> -rwxr-xr-x 1 root root    968 2007-01-28 13:57 libsf_dns_preproc.la
>> lrwxrwxrwx 1 root root     26 2007-01-28 13:57 libsf_dns_preproc.so -> libsf_dns_preproc.so.0.0.0
>> lrwxrwxrwx 1 root root     26 2007-01-28 13:57 libsf_dns_preproc.so.0 -> libsf_dns_preproc.so.0.0.0
>> -rwxr-xr-x 1 root root  41482 2007-01-28 13:57 libsf_dns_preproc.so.0.0.0
>> -rw-r--r-- 1 root root 302478 2007-01-28 13:57 libsf_ftptelnet_preproc.a
>> -rwxr-xr-x 1 root root   1010 2007-01-28 13:57 libsf_ftptelnet_preproc.la
>> lrwxrwxrwx 1 root root     32 2007-01-28 13:57 libsf_ftptelnet_preproc.so -> libsf_ftptelnet_preproc.so.0.0.0
>> lrwxrwxrwx 1 root root     32 2007-01-28 13:57 libsf_ftptelnet_preproc.so.0 -> libsf_ftptelnet_preproc.so.0.0.0
>> -rwxr-xr-x 1 root root 194949 2007-01-28 13:57 libsf_ftptelnet_preproc.so.0.0.0
>> -rw-r--r-- 1 root root 173890 2007-01-28 13:57 libsf_smtp_preproc.a
>> -rwxr-xr-x 1 root root    975 2007-01-28 13:57 libsf_smtp_preproc.la
>> lrwxrwxrwx 1 root root     27 2007-01-28 13:57 libsf_smtp_preproc.so -> libsf_smtp_preproc.so.0.0.0
>> lrwxrwxrwx 1 root root     27 2007-01-28 13:57 libsf_smtp_preproc.so.0 -> libsf_smtp_preproc.so.0.0.0
>> -rwxr-xr-x 1 root root 108681 2007-01-28 13:57 libsf_smtp_preproc.so.0.0.0
>> -rw-r--r-- 1 root root  56934 2007-01-28 13:57 libsf_ssh_preproc.a
>> -rwxr-xr-x 1 root root    968 2007-01-28 13:57 libsf_ssh_preproc.la
>> lrwxrwxrwx 1 root root     26 2007-01-28 13:57 libsf_ssh_preproc.so -> libsf_ssh_preproc.so.0.0.0
>> lrwxrwxrwx 1 root root     26 2007-01-28 13:57 libsf_ssh_preproc.so.0 -> libsf_ssh_preproc.so.0.0.0
>> -rwxr-xr-x 1 root root  46923 2007-01-28 13:57 libsf_ssh_preproc.so.0.0.0
> 
> 
>> Cheers,
> 
>> James Friesen
> 
> 
>>> -----Original Message-----
>>> From: rmkml [mailto:rmkml@free.fr]
>>>
>>> Hi,
>>> do you have libsf_ftptelnet_preproc.so on this dir ?
>>>   /usr/local/lib/snort_dynamicpreprocessor/
>>> and please send "ls -la /usr/local/lib/snort_dynamicpreprocessor/"
>>> Regards
>>> Rmkml
>>>
>>>
>>> On Mon, 29 Jan 2007, info+lucretia.ca wrote:
>>>
>>>> Hello.
>>>>
>>>> I'm trying to build 2.7.0.beta1 on Ubuntu 6.06.  So far things are
>>>> working well, except when I attempt to turn on the dynamic preprocessors.
>>>> I encountered an ID error when I simply uncommented them so I added
>>>> some text to make them look like the command line counterparts.  I'm
>>>> not certain whether they work from the command line, as I'm not
>>>> interested in starting them this way.
>>>>
>>>> Starting snort with 'sudo' using the one and only parameter:  '-c
>>>> /etc/snort/snort.conf' I get the following output:
>>>>
>>>>  ERROR: /etc/snort/snort.conf(539): Bad rule in rules file
>>>>
>>>> This line contains:
>>>>
>>>>  dynamic-preprocessor-lib /usr/local/lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.so
>>>>
>>>> I get this error with any dynamic preprocessor enabled in snort.conf.
>>>> I've reviewed the documentation and could find nothing indicating the
>>>> correct format for the 'dynamic-*' options for snort.conf (the command
>>>> line is well documented...) and I reviewed the list and forums with no
>>>> luck on a solution.
>>>>
>>>> Cheers,
>>>>
>>>>
>>>> James Friesen, CIO
>> 


_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
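
A check for the failure described in the quoted message, as an added example that is not part of the thread and is not the snippet Matt refers to: it scans a snort.conf for command-line option names used as config lines and prints the config-file form. It assumes the keyword forms given in the Snort manual (`dynamicpreprocessor file|directory`, `dynamicengine`, `dynamicdetection file|directory`); the function name `lint_dynamic_conf` and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag command-line style dynamic-* options in a snort.conf.
# Snort parses an unknown leading keyword as a rule, which is how a line such as
# "dynamic-preprocessor-lib <path>" ends up as "Bad rule in rules file".
lint_dynamic_conf() {
    conf=$1
    awk '
        BEGIN {
            # command-line long option (without "--") -> snort.conf keyword form
            fix["dynamic-preprocessor-lib"]     = "dynamicpreprocessor file"
            fix["dynamic-preprocessor-lib-dir"] = "dynamicpreprocessor directory"
            fix["dynamic-engine-lib"]           = "dynamicengine"
            fix["dynamic-detection-lib"]        = "dynamicdetection file"
            fix["dynamic-detection-lib-dir"]    = "dynamicdetection directory"
        }
        /^[ \t]*#/ { next }                 # ignore commented-out lines
        {
            key = $1
            sub(/^--/, "", key)             # tolerate a pasted leading "--"
            if (key in fix) {
                printf "%s(%d): \"%s\" is a command-line option; use: %s %s\n",
                       FILENAME, NR, $1, fix[key], $2
                bad++
            }
        }
        END { exit (bad > 0) }              # non-zero status if anything was flagged
    ' "$conf"
}

# Constructed sample: line 2 reproduces the form quoted in the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# dynamic-preprocessor-lib /commented/out.so
dynamic-preprocessor-lib /usr/local/lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.so
dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
EOF

lint_dynamic_conf "$sample" || echo "fix the lines above before starting snort"
```

After correcting the file, `snort -T -c /etc/snort/snort.conf` runs Snort in test mode and confirms the configuration parses before it is used for live capture.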