Snort: Failing messages - FATAL ERROR: Failed to Lock PID
-
I just tried to install Snort last night and noticed it started up fine, but I had to make several changes to settings to get it to start. It's running on current version 2.0-RC3 (i386) built on Sat Aug 20 13:09:49 EDT 2011, but I'm not getting anything in the alerts and have played with the settings several ways to see if I can get different results. So far it hasn't made a difference. I even installed it on another machine with the same version snapshot and same settings, other than the oink code. I don't know if anyone else is having this problem, but any help is appreciated.
-
Snort logs, if anyone's interested:
Aug 21 15:34:28 SnortStartup[17541]: Snort HARD Reload For 9713_bge1…
Aug 21 15:34:28 snort[17358]: FATAL ERROR: Failed to Lock PID File "/var/log/snort/run/snort_bge19713.pid" for PID "17358"
Aug 21 15:34:28 snort[17358]: PID path stat checked out ok, PID path set to /var/log/snort/run
Aug 21 15:34:28 snort[17358]: Checking PID path…
Aug 21 15:34:28 snort[17189]: Daemon parent exiting
Aug 21 15:34:28 snort[17358]: Daemon initialized, signaled parent pid: 17189
Aug 21 15:34:28 snort[17189]: Initializing daemon mode
Aug 21 15:34:28 snort[17189]: Initializing Network Interface bge1
Aug 21 15:34:28 snort[17189]: Verifying Preprocessor Configurations!
Aug 21 15:34:28 snort[17189]: Rule application order: activation->dynamic->pass->drop->alert->log
Aug 21 15:34:28 snort[17189]: –-----------------------------------------------------------------------------
Aug 21 15:34:28 snort[17189]: | none
Aug 21 15:34:28 snort[17189]: +–---------------------[suppression]–----------------------------------------
Aug 21 15:34:28 snort[17189]: | none
Aug 21 15:34:28 snort[17189]: +–---------------------[event-filter-local]–---------------------------------
Aug 21 15:34:28 snort[17189]: +–---------------------[event-filter-global]–--------------------------------
Aug 21 15:34:28 snort[17189]: | memory-cap : 1048576 bytes
Aug 21 15:34:28 snort[17189]: +–---------------------[event-filter-config]–--------------------------------
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: –-----------------------------------------------------------------------------
Aug 21 15:34:28 snort[17189]: | none
Aug 21 15:34:28 snort[17189]: +–---------------------[rate-filter-rules]–----------------------------------
Aug 21 15:34:28 snort[17189]: | memory-cap : 1048576 bytes
Aug 21 15:34:28 snort[17189]: +–---------------------[rate-filter-config]–---------------------------------
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: –-----------------------------------------------------------------------------
Aug 21 15:34:28 snort[17189]: | none
Aug 21 15:34:28 snort[17189]: +–---------------------[detection-filter-rules]–-----------------------------
Aug 21 15:34:28 snort[17189]: | memory-cap : 1048576 bytes
Aug 21 15:34:28 snort[17189]: +–---------------------[detection-filter-config]–----------------------------
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: +–--------------------------------------------------------------------------
Aug 21 15:34:28 snort[17189]: | s+d 0 0 0 0
Aug 21 15:34:28 snort[17189]: | nc 0 0 0 0
Aug 21 15:34:28 snort[17189]: | any 0 0 0 0
Aug 21 15:34:28 snort[17189]: | dst 0 0 0 0
Aug 21 15:34:28 snort[17189]: | src 0 0 0 0
Aug 21 15:34:28 snort[17189]: | tcp udp icmp ip
Aug 21 15:34:28 snort[17189]: +–-----------------[Rule Port Counts]–-------------------------------------
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: +++++++++++++++++++++++++++++++++++++++++++++++++++
Aug 21 15:34:28 snort[17189]: 0 Dynamic rules
Aug 21 15:34:28 snort[17189]: 0 Option Chains linked into 0 Chain Headers
Aug 21 15:34:28 snort[17189]: 0 preprocessor rules
Aug 21 15:34:28 snort[17189]: 0 decoder rules
Aug 21 15:34:28 snort[17189]: 0 detection rules
Aug 21 15:34:28 snort[17189]: 0 Snort rules read
Aug 21 15:34:28 snort[17189]: Initializing rule chains…
Aug 21 15:34:28 snort[17189]: +++++++++++++++++++++++++++++++++++++++++++++++++++
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: Server side data is trusted
Aug 21 15:34:28 snort[17189]: 1194
Aug 21 15:34:28 snort[17189]: 990 992 993 994 995
Aug 21 15:34:28 snort[17189]: 443 465 563 636 989
Aug 21 15:34:28 snort[17189]: Ports:
Aug 21 15:34:28 snort[17189]: Encrypted packets: not inspected
Aug 21 15:34:28 snort[17189]: SSLPP config:
Aug 21 15:34:28 snort[17189]: Maximum SMB command chaining: 3 commands
Aug 21 15:34:28 snort[17189]: RPC over HTTP proxy: None
Aug 21 15:34:28 snort[17189]: RPC over HTTP server: 1025-65535
Aug 21 15:34:28 snort[17189]: UDP: 1025-65535
Aug 21 15:34:28 snort[17189]: TCP: 1025-65535
Aug 21 15:34:28 snort[17189]: SMB: None
Aug 21 15:34:28 snort[17189]: Autodetect ports
Aug 21 15:34:28 snort[17189]: RPC over HTTP proxy: None
Aug 21 15:34:28 snort[17189]: RPC over HTTP server: 593
Aug 21 15:34:28 snort[17189]: UDP: 135
Aug 21 15:34:28 snort[17189]: TCP: 135
Aug 21 15:34:28 snort[17189]: SMB: 139 445
Aug 21 15:34:28 snort[17189]: Detect ports
Aug 21 15:34:28 snort[17189]: Policy: WinXP
Aug 21 15:34:28 snort[17189]: Server Default Configuration
Aug 21 15:34:28 snort[17189]: Events: smb co cl
Aug 21 15:34:28 snort[17189]: Memcap: 102400 KB
Aug 21 15:34:28 snort[17189]: DCE/RPC Defragmentation: Enabled
Aug 21 15:34:28 snort[17189]: Global Configuration
Aug 21 15:34:28 snort[17189]: DCE/RPC 2 Preprocessor Configuration
Aug 21 15:34:28 snort[17189]: Whitespace Characters: 0x09 0x0b 0x0c 0x0d
Aug 21 15:34:28 snort[17189]: Non-RFC Compliant Characters: 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07
Aug 21 15:34:28 snort[17189]: IIS Unicode Map: GLOBAL IIS UNICODE MAP CONFIG
Aug 21 15:34:28 snort[17189]: IIS Delimiter: YES alert: NO
Aug 21 15:34:28 snort[17189]: Apache WhiteSpace: YES alert: NO
Aug 21 15:34:28 snort[17189]: Web Root Traversal: YES alert: YES
Aug 21 15:34:28 snort[17189]: Directory Traversal: YES alert: NO
Aug 21 15:34:28 snort[17189]: IIS Backslash: YES alert: NO
Aug 21 15:34:28 snort[17189]: Multiple Slash: YES alert: NO
Aug 21 15:34:28 snort[17189]: IIS Unicode: YES alert: NO
Aug 21 15:34:28 snort[17189]: UTF 8: YES alert: NO
Aug 21 15:34:28 snort[17189]: Base36: OFF
Aug 21 15:34:28 snort[17189]: Bare Byte: YES alert: YES
Aug 21 15:34:28 snort[17189]: %U Encoding: YES alert: YES
Aug 21 15:34:28 snort[17189]: Double Decoding: YES alert: YES
Aug 21 15:34:28 snort[17189]: Ascii: YES alert: NO
Aug 21 15:34:28 snort[17189]: Extended ASCII code support in URI: NO
Aug 21 15:34:28 snort[17189]: Normalize HTTP Cookies: NO
Aug 21 15:34:28 snort[17189]: Inspect HTTP Responses: NO
Aug 21 15:34:28 snort[17189]: Inspect HTTP Cookies: NO
Aug 21 15:34:28 snort[17189]: Normalize HTTP Headers: NO
Aug 21 15:34:28 snort[17189]: Only inspect URI: NO
Aug 21 15:34:28 snort[17189]: Oversize Dir Length: 0
Aug 21 15:34:28 snort[17189]: Disable Alerting: NO
Aug 21 15:34:28 snort[17189]: Allow Proxy Usage: NO
Aug 21 15:34:28 snort[17189]: URI Discovery Strict Mode: NO
Aug 21 15:34:28 snort[17189]: Inspect Pipeline Requests: YES
Aug 21 15:34:28 snort[17189]: Max Number Header Fields: 0
Aug 21 15:34:28 snort[17189]: Max Header Field Length: 0
Aug 21 15:34:28 snort[17189]: Max Chunk Length: 500000
Aug 21 15:34:28 snort[17189]: Client Flow Depth: 300
Aug 21 15:34:28 snort[17189]: Server Flow Depth: 0
Aug 21 15:34:28 snort[17189]: Ports: 80 8080
Aug 21 15:34:28 snort[17189]: Server profile: All
Aug 21 15:34:28 snort[17189]: DEFAULT SERVER CONFIG:
Aug 21 15:34:28 snort[17189]: IIS Unicode Map Codepage: 1252
Aug 21 15:34:28 snort[17189]: IIS Unicode Map Filename: /usr/local/etc/snort/snort_9713_bge1/unicode.map
Aug 21 15:34:28 snort[17189]: Detect Proxy Usage: NO
Aug 21 15:34:28 snort[17189]: Inspection Type: STATELESS
Aug 21 15:34:28 snort[17189]: Max Pipeline Requests: 0
Aug 21 15:34:28 snort[17189]: GLOBAL CONFIG
Aug 21 15:34:28 snort[17189]: HttpInspect Config:
Aug 21 15:34:28 snort[17189]: Timeout: 30 seconds
Aug 21 15:34:28 snort[17189]: Stream5 ICMP Policy config:
Aug 21 15:34:28 snort[17189]: Timeout: 30 seconds
Aug 21 15:34:28 snort[17189]: Stream5 UDP Policy config:
Aug 21 15:34:28 snort[17189]: 19 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 18 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 17 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 16 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 15 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 14 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 13 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 12 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 11 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 10 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 9 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 8 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 7 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 6 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 5 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 4 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 3 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 2 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 1 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: 0 client (Footprint) server (Footprint)
Aug 21 15:34:28 snort[17189]: Reassembly Ports:
Aug 21 15:34:28 snort[17189]: Static Flushpoint Sizes: YES
Aug 21 15:34:28 snort[17189]: Options:
Aug 21 15:34:28 snort[17189]: Maximum number of segs to queue per session: 2621
Aug 21 15:34:28 snort[17189]: Maximum number of bytes to queue per session: 1048576
Aug 21 15:34:28 snort[17189]: Timeout: 30 seconds
Aug 21 15:34:28 snort[17189]: Reassembly Policy: BSD
Aug 21 15:34:28 snort[17189]: Stream5 TCP Policy config:
Aug 21 15:34:28 snort[17189]: Log info if session memory consumption exceeds 1048576
Aug 21 15:34:28 snort[17189]: Max ICMP sessions: 65536
Aug 21 15:34:28 snort[17189]: Track ICMP sessions: ACTIVE
Aug 21 15:34:28 snort[17189]: Max UDP sessions: 131072
Aug 21 15:34:28 snort[17189]: Track UDP sessions: ACTIVE
Aug 21 15:34:28 snort[17189]: Memcap (for reassembly packet storage): 8388608
Aug 21 15:34:28 snort[17189]: Max TCP sessions: 8192
Aug 21 15:34:28 snort[17189]: Track TCP sessions: ACTIVE
Aug 21 15:34:28 snort[17189]: Stream5 global config:
Aug 21 15:34:28 snort[17189]: Min fragment Length: 0
Aug 21 15:34:28 snort[17189]: Overlap Limit: 0
Aug 21 15:34:28 snort[17189]: Fragment Problems: 1
Aug 21 15:34:28 snort[17189]: Fragment min_ttl: 1
Aug 21 15:34:28 snort[17189]: Fragment timeout: 60 seconds
Aug 21 15:34:28 snort[17189]: Target-based policy: BSD
Aug 21 15:34:28 snort[17189]: Frag3 engine config:
Aug 21 15:34:28 snort[17189]: Fragment memory cap: 4194304 bytes
Aug 21 15:34:28 snort[17189]: Max frags: 8192
Aug 21 15:34:28 snort[17189]: Frag3 global config:
Aug 21 15:34:28 snort[17189]: Log directory = /var/log/snort
Aug 21 15:34:28 snort[17189]: Finished Loading all dynamic preprocessor libs from /usr/local/lib/snort/dynamicpreprocessor
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_ssl_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_ssh_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_smtp_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_sdf_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_dns_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_dce2_preproc.so…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic preprocessor library /usr/local/lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.so…
Aug 21 15:34:28 snort[17189]: Loading all dynamic preprocessor libs from /usr/local/lib/snort/dynamicpreprocessor…
Aug 21 15:34:28 snort[17189]: Finished Loading all dynamic detection libs from /usr/local/lib/snort/dynamicrules
Aug 21 15:34:28 snort[17189]: Warning: No dynamic libraries found in directory /usr/local/lib/snort/dynamicrules!
Aug 21 15:34:28 snort[17189]: Loading all dynamic detection libs from /usr/local/lib/snort/dynamicrules…
Aug 21 15:34:28 snort[17189]: done
Aug 21 15:34:28 snort[17189]: Loading dynamic engine /usr/local/lib/snort/dynamicengine/libsf_engine.so…
Aug 21 15:34:28 snort[17189]: Tagged Packet Limit: 256
Aug 21 15:34:28 snort[17189]: Found pid path directive (/var/log/snort/run)
Aug 21 15:34:28 snort[17189]: Search-Method = AC-Banded
Aug 21 15:34:28 snort[17189]: Detection:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 6503:6504 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_BRIGHTSTORE' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 2103 2105 2107 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_NCACN_TCP' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 135 593 1024:65535 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_NCACN_UDP_SHORT' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 135 1024:65535 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_NCACN_UDP_LONG' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 135 139 445 593 1024:65535 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_NCACN_IP_LONG' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 138 1024:65535 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_NCADG_IP_UDP' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 139 445 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DCERPC_NCACN_IP_TCP' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 5060:5090 16384:32768 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SIP_PROXY_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 443 465 563 636 989:990 992:995 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SSL_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 25 143 465 691 ]
Aug 21 15:34:28 snort[17189]: PortVar 'MAIL_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 23 ]
Aug 21 15:34:28 snort[17189]: PortVar 'TELNET_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 44 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SSH_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 161 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SNMP_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 25 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SMTP_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 139 445 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SMB_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 514 ]
Aug 21 15:34:28 snort[17189]: PortVar 'RSH_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 513 ]
Aug 21 15:34:28 snort[17189]: PortVar 'RLOGIN_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 111 32770:32779 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SUNRPC_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 110 ]
Aug 21 15:34:28 snort[17189]: PortVar 'POP3_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 109 ]
Aug 21 15:34:28 snort[17189]: PortVar 'POP2_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 119 ]
Aug 21 15:34:28 snort[17189]: PortVar 'NNTP_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 1433 ]
Aug 21 15:34:28 snort[17189]: [ 1433 ]
Aug 21 15:34:28 snort[17189]: PortVar 'MSSQL_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'MSSQL_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 6665:6669 7000 ]
Aug 21 15:34:28 snort[17189]: [ 6665:6669 7000 ]
Aug 21 15:34:28 snort[17189]: PortVar 'IRC_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'IRC_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 143 ]
Aug 21 15:34:28 snort[17189]: [ 143 ]
Aug 21 15:34:28 snort[17189]: PortVar 'IMAP_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'IMAP_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 21 ]
Aug 21 15:34:28 snort[17189]: [ 21 ]
Aug 21 15:34:28 snort[17189]: PortVar 'FTP_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'FTP_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 79 ]
Aug 21 15:34:28 snort[17189]: [ 79 ]
Aug 21 15:34:28 snort[17189]: PortVar 'FINGER_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'FINGER_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 53 ]
Aug 21 15:34:28 snort[17189]: [ 53 ]
Aug 21 15:34:28 snort[17189]: PortVar 'DNS_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'DNS_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 113 ]
Aug 21 15:34:28 snort[17189]: [ 113 ]
Aug 21 15:34:28 snort[17189]: PortVar 'AUTH_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'AUTH_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 1521 ]
Aug 21 15:34:28 snort[17189]: [ 1521 ]
Aug 21 15:34:28 snort[17189]: PortVar 'ORACLE_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'ORACLE_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 0:79 81:65535 ]
Aug 21 15:34:28 snort[17189]: [ 0:79 81:65535 ]
Aug 21 15:34:28 snort[17189]: PortVar 'SHELLCODE_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'SHELLCODE_PORTS' defined :
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: [ 80 ]
Aug 21 15:34:28 snort[17189]: [ 80 ]
Aug 21 15:34:28 snort[17189]: PortVar 'HTTP_PORTS' defined :
Aug 21 15:34:28 snort[17189]: PortVar 'HTTP_PORTS' defined :
Aug 21 15:34:28 snort[17189]: Parsing Rules file "/usr/local/etc/snort/snort_9713_bge1/snort.conf"
Aug 21 15:34:28 snort[17189]: Parsing Rules file "/usr/local/etc/snort/snort_9713_bge1/snort.conf"
Aug 21 15:34:28 snort[17189]: Initializing Plug-ins!
Aug 21 15:34:28 snort[17189]: Initializing Plug-ins!
Aug 21 15:34:28 snort[17189]: Initializing Preprocessors!
Aug 21 15:34:28 snort[17189]: Initializing Preprocessors!
Aug 21 15:34:28 snort[17189]: Initializing Output Plugins!
Aug 21 15:34:28 snort[17189]: Initializing Output Plugins!
Aug 21 15:34:28 snort[17189]: –== Initializing Snort ==--
Aug 21 15:34:28 snort[17189]: –== Initializing Snort ==--
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]:
Aug 21 15:34:28 snort[17189]: Running in IDS mode
Aug 21 15:34:28 snort[17189]: Running in IDS mode
Aug 21 15:34:28 snort[17189]: Found pid path directive (/var/log/snort/run)
Aug 21 15:34:28 snort[17189]: Found pid path directive (/var/log/snort/run)
Aug 21 15:34:28 SnortStartup[13517]: Snort Startup files Sync… -
Okay, so basically when you get this error or you have nothing populating your Alerts or Blocks it mainly means one of two things - you are loading too many rules at one time or you need to Stop the service, make sure you've saved your If Settings, and finally Start the service again. Doing this all from If Settings tab seems to be the easiest. Anyone agree or disagree with these findings?
-
Looked this up myself the other day and found this.
http://forum.pfsense.org/index.php/topic,28161.msg146864.html#msg146864
-
Thanks for that link Onhel; I saw that, but I ended up getting past that error by stopping the service and starting it again. As long as the rules and proper Preprocessors were set the error went away. One thing I did notice is that when I make any rule changes I need to stop and start the service to make those changes active. Do you think running that would be a permanent fix or just something to run when that PID error comes up?
-
Anytime you make any changes to Snort, you have to restart it. If you don't, new settings won't take effect.
-
Good to know; Thank you Cino!
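
A sensor that dies on this error produces no alerts, so it is worth checking for it after every reload. The script below is an added example, not code from the thread or from the Snort package: it pulls the PID file named in each "Failed to Lock PID File" line and reports whether the process recorded in that file is still alive. It assumes the lock fails because an earlier Snort instance still holds the PID file, which the thread does not confirm; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): triage "Failed to Lock PID File" errors.
# Assumption: the lock fails because an earlier Snort instance still holds
# the PID file. Run as root so kill -0 can probe any process.

# Three lines taken from the log posted in this thread (duplicate included).
SAMPLE_LOG='Aug 21 15:34:28 snort[17358]: FATAL ERROR: Failed to Lock PID File "/var/log/snort/run/snort_bge19713.pid" for PID "17358"
Aug 21 15:34:28 snort[17358]: FATAL ERROR: Failed to Lock PID File "/var/log/snort/run/snort_bge19713.pid" for PID "17358"
Aug 21 15:34:28 snort[17358]: PID path stat checked out ok, PID path set to /var/log/snort/run'

# Read a log on stdin; print "pidfile failed_pid" once per distinct failure.
lock_failures() {
    awk -F'"' '/FATAL ERROR: Failed to Lock PID File/ { print $2, $4 }' | sort -u
}

# Classify a PID file:
#   missing - no file, nothing is holding a lock
#   stale   - file exists but the recorded process is gone
#   held    - recorded process is alive and may still own the lock
pidfile_state() {
    [ -r "$1" ] || { echo missing; return; }
    recorded=$(head -n 1 "$1" | tr -cd '0-9')
    [ -n "$recorded" ] || { echo stale; return; }
    if kill -0 "$recorded" 2>/dev/null; then echo held; else echo stale; fi
}

# Read a log on stdin; print one status line per PID file that failed to lock.
triage() {
    lock_failures | while read -r file pid; do
        echo "$file failed_pid=$pid state=$(pidfile_state "$file")"
    done
}

printf '%s\n' "$SAMPLE_LOG" | triage
```

A `held` result means the old process has to be stopped before the service is started again, which matches the stop-then-start fix described above.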