Error Snort Failed To Start
Contents |
Best Of... Unanswered Categories All Categories 5.6KGeneral 564 Getting Started 3 Intergalactic Hang Out 108 AlienVault Labs 402 snort error failed to lookup interface Security 101 30 AlienVault USM 4.5K Deployment Architecture 845 Installation 657
Snort Failed To Lookup Interface Windows
Updates & Upgrades 314 Logger 157 Server / Console 630 Sensor 1.5K Reporting 141 Release Notes 54
Install Snort Ubuntu
Documentation & How-to Guides 48 Feedback & Feature Requests 46 Security Advisory 31 Plugins 37 AlienVault USM Anywhere 2 Getting Started 1 Sensors 0 Reporting 0 Plugins 0 Orchestration Rules 0 Suppression Rules 0 Security Advisory 0 Release Notes 1 Documentation & How-to Guides 0 Feedback & Feature Requests 0 OSSIM (open source) 498 Deployment Architecture 75 Installation 93 Updates & Upgrades 44 Logger / Sensor 125 Server / Console 42 Correlation Help 33 Reporting 12 Release notes 7 How-to Guides 29 Feedback & Feature Requests 31 Security Advisory 7 Installation 6 Reporting 1 Documentation & How-to Guides 4 Release notes 3 Feedback & Feature Requests 0 Security Advisory 0 Open Threat Exchange (OTX) 72 General 64 How-to Guides 5 Feedback & Feature Requests 3 New Release! AlienVault v5.3.3 is now available for OSSIM and USM. Learn more SNORT fails to start - fatal error Joseph Joseph Entry Level Roles Member Joined October 2012 | Visits 19 | Last Active December 2012 2 Points Message Entry Level Message December 2012 in Sensor I'm still in the process of getting the platform fully configured and have moved on from other configurations to SNORT. I noticed that SNORT was not in the list of running processes though the snortunified plugin is enabled and visible in the dashboard. I ran dpkg-reconfigure snort and walked through configuring the interface and networks to monitor. Afterwards executed ossim-reconfig, then attempted to start snort. This is the outcome... Any help is appreciated.Currently running OSSIM v4.1.1alienvault:/etc/snort# /etc/init.d/snort restartStarting Network Intrusion
Packet crafters More Site News Advertising About/Contact Sponsors: Snort mailing list archives By Date By Thread Re: Snort Services Failed to Start From: "Vona, Steven A CIV NSWCCD Philadelphia, 34117"
view Search Advanced search 11 posts • Page 1 of 1 grg3 Posts: 4 Snort will not start Quote Postby grg3 » July 10th, 2010, 12:46 pm I have a http://forum.ipfire.org/viewtopic.php?t=2598 newly installed system with IPFire 2.7. Everything seems to work great except snort. Coming from long time use of IPCop, it has been a long time since I used snort, so I thought I would give it a try.It never shows in the service status that it has started. I tried using the emerging threats rules and sourcefire registered rules with no difference.I failed to tried starting from console:Code: Select all/etc/init.d/snort restart
Starting Intrusion Detection System on red0... [ FAIL ]
chmod: cannot access `/var/run/snort_red0.pid': No such file or directory
I also tried:Code: Select all/usr/sbin/snort -c /etc/snort/snort.conf -i red0 -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
And this gave no error messages but did not show as started snort failed to either.Any ideas what I am doing wrong? Am I in rules limbo or something? Top MichaelTremer Core Developer Posts: 5369 Re: Snort will not start Quote Postby MichaelTremer » July 10th, 2010, 9:40 pm Did you update the rules successfully?If there are no rules, snort won't start.Micha IPFire Duo Box by Fountain NetworksIPFire Hardware Appliances and Support http://www.lightningwirelabs.com/ Top grg3 Posts: 4 Re: Snort will not start Quote Postby grg3 » July 10th, 2010, 11:06 pm Yes. The rules update fine. The service never starts. Top labidouille Posts: 1 Re: Snort will not start Quote Postby labidouille » July 11th, 2010, 9:57 am hello !I had some troubles after ipfire upgrading to core 38 (from 2.5 core 37 to 2.7 core 38).snort won't start with error message "FATAL ERROR: /etc/snort/vars(2) Missing argument to DNS_SERVERS".The DHCPD create 2 files dns1 and dns2 files in /var/ipfire/redthe dns2 file is empty and dns1 contain the 2 dns from my adsl provider separate with space like :"x.x.x.x y.y.y.y". So snort failed to start.To correct this error I changed 2 lines in /etc/rc.config.d/snort to get the right DNS variables.from DNS1=`cat /var/ipfire/red/dns1 2>/dev/null`DNS2=`cat /var/ipfire/red/dns2 2>/dev/null`toDNS1=`awk '{