teşekkürler hatayı buldum dediğiniz gibi output satırındaymış bu arada bir şey sormak istiyorum snort ipfw ile birlikte çalışıyormu yani gelen alarete göre ipfw rule ekeleme gibi.
-----Orjinal mesaj----- From: "Huzeyfe Onal" [EMAIL PROTECTED] Date: Fri, 24 Mar 2006 16:06:33 +0200 To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] Snort hakkında > Merhaba, snort.conf dosyanizdaki output satirlarini gond> erebilir misiniz.. Problem bu satirlarda gozukuyor. On 3> /23/06, Deniz Tosun <[EMAIL PROTECTED]> wrote: > > Merh> aba arkadaşlar Freebsd 4.11 sonort acid bileşenlerini kur> dum amache > php mysql vs.. her şey çalışıyor tek şey dış> ından oda snort > > Start verdikten sonra starting diyor > ve daha sonra program kapanıyor > messages ten baktığımda> aşağıdaki hatayı veriyordu sorun nedir acaba. > > > > Ma> r 23 20:41:44 bsd snort: PID path stat checked out ok, PI> D path set to > /var/run/ > > Mar 23 20:41:44 bsd snort: > Writing PID "33588" to file > "/var/run//snort_lnc0.pid" > > > Mar 23 20:41:44 bsd snort: ,-----------[Flow Config]-> --------------------- > > Mar 23 20:41:44 bsd snort: | St> ats Interval: 0 > > Mar 23 20:41:44 bsd snort: | Hash Me> thod: 2 > > Mar 23 20:41:45 bsd snort: | Memcap: > 10485760 > > Mar 23 20:41:45 bsd snort: | Rows : > 4099 > > Mar 23 20:41:45 bsd snort: | Overhead Byt> es: 16400(%0.16) > > Mar 23 20:41:45 bsd snort: `-------> --------------------------------------- > > Mar 23 20:41:> 45 bsd snort: HttpInspect Config: > > Mar 23 20:41:45 bsd> snort: GLOBAL CONFIG > > Mar 23 20:41:45 bsd snort: > Max Pipeline Requests: 0 > > Mar 23 20:41:45 bsd> snort: Inspection Type: STATELESS > > Mar> 23 20:41:45 bsd snort: Detect Proxy Usage: N> O > > Mar 23 20:41:45 bsd snort: IIS Unicode Map Fi> lename: > /usr/local/etc/unicode.map > > Mar 23 20:41:45 > bsd snort: IIS Unicode Map Codepage: 1252 > > Mar 2> 3 20:41:45 bsd snort: DEFAULT SERVER CONFIG: > > Mar > 23 20:41:45 bsd snort: Ports: > > Mar 23 20:41:45 b> sd snort: 80 > > Mar 23 20:41:45 bsd snort: 8080 > > Mar > 23 20:41:45 bsd snort: 8180 > > Mar 23 20:41:45 bsd snort> : > > Mar 23 20:41:45 bsd snort: Flow Depth: 300 > > > Mar 23 20:41:45 bsd snort: Max Chunk Length: 5000> 00 > > Mar 23 20:41:45 bsd snort: Inspect Pipeline > Requests: YES > > Mar 23 20:41:45 bsd snort: URI Di> scovery Strict Mode: NO > > Mar 23 20:41:45 bsd snort: > Allow Proxy Usage: NO > > Mar 23 20:41:45 bsd snort: > Disable Alerting: NO > > Mar 23 20:41:45 bsd snort:> Oversize Dir Length: 500 > > Mar 23 20:41:45 bsd s> nort: Only inspect URI: NO > > Mar 23 20:41:45 bsd > snort: Ascii: YES alert: NO > > Mar 23 20:41:45 bsd> snort: Double Decoding: YES alert: YES > > Mar 23 > 20:41:45 bsd snort: %U Encoding: YES alert: YES > >> Mar 23 20:41:45 bsd snort: Bare Byte: YES alert: Y> ES > > Mar 23 20:41:45 bsd snort: Base36: OFF > > M> ar 23 20:41:45 bsd snort: UTF 8: OFF > > Mar 23 20:> 41:45 bsd snort: IIS Unicode: YES alert: YES > > Ma> r 23 20:41:45 bsd snort: Multiple Slash: YES alert:> NO > > Mar 23 20:41:45 bsd snort: IIS Backslash: Y> ES alert: NO > > Mar 23 20:41:45 bsd snort: Directo> ry Traversal: YES alert: NO > > Mar 23 20:41:45 bsd snort> : Web Root Traversal: YES alert: YES > > Mar 23 20:> 41:45 bsd snort: Apache WhiteSpace: YES alert: YES > > > Mar 23 20:41:45 bsd snort: IIS Delimiter: YES a> lert: YES > > Mar 23 20:41:45 bsd snort: IIS Unicod> e Map: GLOBAL IIS UNICODE MAP > CONFIG > > Mar 23 20:41:4> 5 bsd snort: Non-RFC Compliant Characters: > > Mar > 23 20:41:45 bsd snort: NONE > > Mar 23 20:41:45 bsd snort> : > > Mar 23 20:41:45 bsd snort: rpc_decode arguments: > > > Mar 23 20:41:45 bsd snort: Ports to decode RPC on: > 111 32771 > > Mar 23 20:41:45 bsd snort: alert_fragme> nts: INACTIVE > > Mar 23 20:41:45 bsd snort: alert_la> rge_fragments: ACTIVE > > Mar 23 20:41:45 bsd snort: > alert_incomplete: ACTIVE > > Mar 23 20:41:45 bsd snort: > alert_multiple_requests: ACTIVE > > Mar 23 20:41:45 bs> d snort: telnet_decode arguments: > > Mar 23 20:41:45 bsd> snort: Ports to decode telnet on: 21 23 25 119 > > M> ar 23 20:41:45 bsd snort: FATAL ERROR: unknown output plu> gin: '-mode' > > Mar 23 20:41:45 bsd /kernel: lnc0: promi> scuous mode disabled > > -- Huzeyfe ÖNAL --- First Turk> ish Qmail book is out! Go check it. Duydunuz mu! Turkiye'> nin ilk Qmail kitabi cikti. http://www.acikakademi.com/ca> talog/qmail/ --------------------------------------------------------------------- Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
