OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: RE: [snort] 1.6-beta11 available [CVS & WWW]
From: Jerry Shenk (jasdect.com)
Date: Tue Mar 07 2000 - 13:40:43 CST


What's new in 1.6-beta11? I'm working a little on this mainframe
communication problem right now (remotely) but plan to be on-site tomorrow.
I could give it a try and flip back and forth between 1.5.2 and 1.6-beta11
if there are problems.

One thing I noticed in 1.5.2 is that the -e option doesn't work on a token
ring network (it dumps core)...and maybe it's not supposed to. One place,
that is called the 'ethernet header' option.

===== Original Message from Martin Roesch <snortbofh.kyrnet.kg> at 3/07/00
1:42 pm
>Hmm, did that get integrated in as part of the new database plugin, or
>something else? Anyone know? I don't recall putting it in there.....
>
>
> -Marty
>
>Ralf Hildebrandt wrote:
>>
>> On Tue, Mar 07, 2000 at 02:17:17AM -0500, Martin Roesch wrote:
>>
>> > http://www.clark.net/~roesch/snort-1.6-beta11.tar.gz
>> >
>> > I'm itchin' to get 1.6 released, lets get some feedback! :)
>>
>> You won't like this (beta 10.1 worked flawlessly on HP-UX 10.20):
>>
>> > make
>> gcc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/local/include -O -I/users2/local/include -Wall -c
snort.c
>> In file included from snort.c:45:
>> snort.h:51: db.h: No such file or directory
>> In file included from sp_rpc_check.h:25,
>> from plugbase.h:34,
>> from snort.h:64,
>> from snort.c:45:
>> /usr/include/rpc/xdr.h:26: warning: /*' within comment
>> make: *** [snort.o] Error 1
>>
>> I really think that checking for the DB library before actually using it
>> would be smart :)
>>
>> I added /users2/local/BerkeleyDB-2.7.5/{include,lib} to -I and -L
>> respectively.
>>
>> By that I found out the following:
>> /users2/local/BerkeleyDB-2.7.5/include/db.h:61: warning: redefinition of uint8_t'
>> /usr/include/sys/_inttypes.h:62: warning: uint8_t' previously declared here
>> /users2/local/BerkeleyDB-2.7.5/include/db.h:63: warning: redefinition of uint16_t'
>> /usr/include/sys/_inttypes.h:64: warning: uint16_t' previously declared here
>> /users2/local/BerkeleyDB-2.7.5/include/db.h:65: warning: redefinition of uint32_t'
>> /usr/include/sys/_inttypes.h:66: warning: uint32_t' previously declared here
>>
>> So HP-UX actually HAS the unint{8,16,32}_t types!
>> Unfortunaltely in /usr/include/sys/_inttypes.h
>>
>> --
>> Ralf Hildebrandt <R.Hildebrandttu-bs.de> www.stahl.bau.tu-bs.de/~hildeb
>> If all the salmon caught in Canada in one year were laid end to end
>> across the Sahara Desert, the smell would be absolutely awful.
>>
>> ------------------------------------------------------------------------
>> Part 1.2Type: application/pgp-signature
>
>--
>Martin Roesch <roeschhiverworld.com>
>Director of Forensic Systems http://www.hiverworld.com
>Hiverworld, Inc. Enterprise Network Security
>Network Forensics, Intrusion Detection and Risk Assessment

Jerry A. Shenk, MCNE
Sr. Systems Engineer - Computer Networking Services
D&E Communications, Inc.
jshenkdecommunications.com
1-877-433-8632 Fax via efax: (603) 250-1453
my website: www.dect.com/jas