maged shaker wrote:
Hi Todd
administrator to monitoring and view the "Base" Basic Analysis and
Security Engine ,and the other interface is not configured to use for
sniffing the traffic and configured with snort , and it attached to
span port in the switch but when insert the other network address in
/etc/sysconfig/snort as the following :
SNORT_INTERFACE="eth1 "and start snort it failed when start and tell
me in /var/log/message :
Parsing Rules file /etc/snort/snort.conf
Feb 10 05:59:42 linux1 snort[9023]: FATAL ERROR: Undefined variable
name: (/etc/snort/snort.conf:44): eth1_ADDRESS
please give me advice for this issue and how to solve it
Thanks
NSM-man
------------------------------------------------------------------------
Yes, the script is altering snort.conf and is using eth1_ADDRESS (or any
ethX_ADDRESS) without defining it first. I suggest that in
/etc/sysconfig/snort that you set SNORT_AUTO to 'no' and manually set
your HOME_NET variable in snort.conf. (And notify SUSE that their
script doesn't work)
Thanks
Todd
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
