baldanders Posted May 6, 2015 Report Posted May 6, 2015 Hi Morpheus, First let me thank you for the awesome resources that you have provided, your tutorials are really good. I have just configured my winids to receive it rule updates using pulled pork as described in your tutorial. I followed all the steps and passed all the tests, however when I restarted the computer the barnyard window is stuck waiting for new data, when I run snort itself I get the following messages WARNING: No preprocessors configured for policy 0. 05/06-13:17:32.947576 10.58.3.86:56494 -> x.x.x.x:x TCP TTL:128 TOS:0x0 ID:17032 IpLen:20 DgmLen:76 DF ***A**** Seq: 0xF428D7BA Ack: 0x85718FD9 Win: 0x347 TcpLen: 56 TCP Options (3) => NOP NOP Sack: 34161@58605 any help would be greatly appreciated. Quote
Morpheus Posted May 6, 2015 Report Posted May 6, 2015 (edited) Was this happening before or after installing PulledPork? Attach the snort.conf, pulledpork.conf, and barnyard.conf Edited May 6, 2015 by Morpheus Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.