- 论坛徽章:
- 0
|
最后一步出错了,大哥帮我看看,终于要结束了,竟然不能把数据写入snort,错误代码如下
[root@snort ~]# snort -c /etc/snort/snort.conf
GLOBAL CONFIG
Inspection Type: stateful
Check for Encrypted Traffic: YES alert: YES
Continue to check encrypted data: YES
TELNET CONFIG:
Ports: 23
Are You There Threshold: 20
Normalize: YES
Detect Anomalies: YES
ERROR: /etc/snort/snort.conf(709) => FTP Commands are no longer than 4 character s: 'CLNT}'.
Fatal Error, Quitting..
然后我进snort.conf里面看709行,如下
chk_str_fmt { XPWD XCWD XCUP XMKD XRMD TEST CLNT } \
cmd_validity MODE < char ASBCZ > \
cmd_validity STRU < char FRP > \
cmd_validity ALLO < int [ char R int ] > \
cmd_validity TYPE < { char AE [ char NTC ] | char I | char L [ number ] } > \
cmd_validity MDTM < [ date nnnnnnnnnnnnnn[.n[n[n]]] ] string > \
cmd_validity PORT < host_port > 这就是709行,前面加#号运行一样会出错,只是变成其它行了
preprocessor ftp_telnet_protocol: \
ftp client default \
max_resp_len 200 \
bounce yes \
telnet_cmds no
大哥快帮我看看,就要结束了! |
|