DAQ ERROR on win7 32 bit ent

[albertg]

 

when i run this command,

d:winidssnortbinsnort -c d:winidssnortetcsnort.conf -l d:winidssnortlog –i1 -T

 

i get the following error

 

 

 

[ Number of patterns truncated to 20 bytes: 307 ]

pcap DAQ configured to passive.

The DAQ version does not support reload.

Acquiring network traffic from "DeviceNPF_{269A6487-19E1-42B4-A2B2-8A4494B3D49

6}".

ERROR: Can't set DAQ BPF filter to 'ûi1 -T' (ê¶O)!

Fatal Error, Quitting..

 

do we need to install DAQ? we have not missed any step in the tutorial.

 

thanks

[Morpheus]

I just noticed:

 

Change this: d:winidssnortbinsnort -c d:winidssnortetcsnort.conf -l d:winidssnortlog –i1 -T

 

To this: d:winidssnortbinsnort -c d:winidssnortetcsnort.conf -l d:winidssnortlog -i1 -T

[dominic.fernandes@gmail.co]

I just noticed:

 

Change this: d:winidssnortbinsnort -c d:winidssnortetcsnort.conf -l d:winidssnortlog –i1 -T

 

To this: d:winidssnortbinsnort -c d:winidssnortetcsnort.conf -l d:winidssnortlog -i1 -T

+----------------------------------------------------------------

[ Number of patterns truncated to 20 bytes: 307 ]

pcap DAQ configured to passive.

The DAQ version does not support reload.

Acquiring network traffic from "DeviceNPF_{269A6487-19E1-42B4-A2B2-8A4494B3D

6}".

 

        --== Initialization Complete ==--

 

   ,,_     -*> Snort! <*-

  o"  )~   Version 2.9.6.1-WIN32 GRE (Build 56)

   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort

eam

           Copyright © 2014 Cisco and/or its affiliates. All rights reserved

           Copyright © 1998-2013 Sourcefire, Inc., et al.

           Using PCRE version: 8.10 2010-06-25

           Using ZLIB version: 1.2.3

 

           Rules Engine: SF_SNORT_DETECTION_ENGINE  Version 2.1  <Build 1>

           Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>

           Preprocessor Object: SF_SSH  Version 1.1  <Build 3>

           Preprocessor Object: SF_SMTP  Version 1.1  <Build 9>

           Preprocessor Object: SF_SIP  Version 1.1  <Build 1>

           Preprocessor Object: SF_SDF  Version 1.1  <Build 1>

           Preprocessor Object: SF_REPUTATION  Version 1.1  <Build 1>

           Preprocessor Object: SF_POP  Version 1.0  <Build 1>

           Preprocessor Object: SF_MODBUS  Version 1.1  <Build 1>

           Preprocessor Object: SF_IMAP  Version 1.0  <Build 1>

           Preprocessor Object: SF_GTP  Version 1.1  <Build 1>

           Preprocessor Object: SF_FTPTELNET  Version 1.2  <Build 13>

           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>

           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>

           Preprocessor Object: SF_DCERPC2  Version 1.0  <Build 3>

 

Snort successfully validated the configuration!

Snort exiting

----------------THANKS  EAGLE EYE !!! 

[Morpheus]

Looks like you are good to go with a sucessful configuration test.