Question SNORT: <dir> and <var> paths ?

Unluckylucky · 2024-07-17T01:15:36-0400

Where should I look for a paths for dir and var in config daq in snort.conf?

I tried to look in SNORT folders and in file explorer but there is nothing close to this.
Screenshot of my configuration file: https://gofile.io/d/vAWYnm

OS: Windows 10

Ralston18 · 2024-07-17T08:21:12-0400

SNORT being an intrusion prevention system - correct?

Reference:

https://www.snort.org/

https://www.geeksforgeeks.org/what-is-snort/

What is the requirement driving the need to look in SNORT folders and to discover paths?

ex_bubblehead · 2024-07-17T09:37:17-0400

I think someone needs to spend more time reading documentation and less time asking such useless questions.

Unluckylucky · 2024-07-18T04:09:36-0400

Ralston18 said:
SNORT being an intrusion prevention system - correct?

Reference:

https://www.snort.org/

https://www.geeksforgeeks.org/what-is-snort/

What is the requirement driving the need to look in SNORT folders and to discover paths?

So, when I type "./snort -v" command I get this: "Can't set DAQ BPF Filter"

Ralston18 · 2024-07-18T07:55:45-0400

Three comments/questions:

1) What is reason for running that command? What are you trying to find?

2) What does documentation say about that "error"?

3) What have you attempted to resolve the failure?

Unluckylucky · 2024-07-18T10:35:54-0400

Ralston18 said:
Three comments/questions:

1) What is reason for running that command? What are you trying to find?

2) What does documentation say about that "error"?

3) What have you attempted to resolve the failure?

1. I tried to test snort
2. It can be specified by "bpf_file: <filename>", but I don't have any idea where to get this "<filename>. Maybe I should it create

3. I have tried to find solution in internet (For example: https://www.cisco.com/c/en/us/suppo...nt-center/118090-configure-sourcefire-00.html) and in "README.filters" and I think that I should write these filters. But, again, I don't have any idea about how and where to write it. In the first link there are very abstractional description about instruments which should I use

kanewolf · 2024-07-18T10:53:48-0400

Unluckylucky said:
So, when I type "./snort -v" command I get this: "Can't set DAQ BPF Filter"

In Linux config files would generally be in a subdirectory under /etc/conf

Unluckylucky · 2024-07-18T11:04:03-0400

kanewolf said:
In Linux config files would generally be in a subdirectory under /etc/conf

So in "./snort" I should write subdirectory?

kanewolf · 2024-07-18T11:19:41-0400

Unluckylucky said:
So in "./snort" I should write subdirectory?

No. One of your questions was where is the config file? I answered that question.
How was snort installed? APT INSTALL?

Unluckylucky · 2024-07-18T11:23:01-0400

kanewolf said:
No. One of your questions was where is the config file? I answered that question.
How was snort installed? APT INSTALL?

What is APT? I also installed for Snort WinPcap and npcap

kanewolf · 2024-07-18T11:30:19-0400

Unluckylucky said:
What is APT? I also installed for Snort WinPcap and npcap

What OS are you running this? I assumed Linux because of the "./"

Unluckylucky · 2024-07-18T11:32:28-0400

kanewolf said:
What OS are you running this? I assumed Linux because of the "./"

Windows 10

kanewolf · 2024-07-18T11:35:28-0400

Unluckylucky said:
Windows 10

I have no clue where things are installed in Windows.

Search

Question SNORT: <dir> and <var> paths ?

Unluckylucky

Ralston18

Titan

ex_bubblehead

Titan

Unluckylucky

Ralston18

Titan

Unluckylucky

kanewolf

Titan

Unluckylucky

kanewolf

Titan

Unluckylucky

kanewolf

Titan

Unluckylucky

kanewolf

Titan

TRENDING THREADS

Latest posts

Moderators online

Share this page