I’m trying to install Suricata but keep getting the following error when I open the link. Any assistance would be great.
suricata.exe - Entry Point Not Found
The procedure entry point pcap_dump_hopen could not be located in the dynamic link library C:Program Files\Suricata\suricata.exe.
Hey Rick,
can you give us more information about your setup?
What is your Suricata version, how are you installing it (do you compile Suricata?), what do you mean by opening the link - listening on a live interface?
Something seems to be off with your pcap library, maybe try upgrading that (libpcap)?
Also, have you tried proposed solutions in other seemingly duplicate posts?
Hi,
In addition to what Lukas is asking -
Can you please share some details of the installation and if you are using our prepackaged MSI installer ?
Depending on the OS type (Server/Client) you need to also run the start command from a prompt with administrative privileges.
I recommend running the latest available stable - 6.0.12, and also installing the latest available npcap.
Hello Lukas and Peter, Sorry for the late reply. Below is where I downloaded Suricata from and the Npcap I have installed:
I chose the Windows 64-bit installer link:
And this is the Npcap I installed:
But when I open the Suricata link on my desktop the command line opens up and this is what I get:
Hopefully this helps. I was expecting a GUI interface to work with and not a command line. I am really new to CLI’s (CMD, PowerShell, Linux, etc). I can navigate through a CLI with good instructions but for now that’s about all I can do.
Any assistance you can provide with links and instructions would be greatly appreciated. I am in school for cybersecurity and just wanted to monitor and protect my home network to get a real feel for Suricata and what it can do.
Thank you
I think you should remove the current winpcap install and try the npcap form here https://npcap.com/ (installer), reboot then try to start suricata again.
What Win OS is that ?
Did you uninstall the winpcap installation as well ?
Hi Peter. I did take out winpcap. I’m running windows 10.
Hello Peter, Below is the version of npcap 1.75 I have loaded along with the Windows 10 version I have installed:
Hi,
Can you run the cmd as administrator , would it have any difference?
(I can not reproduce it locally so far)
I could if I knew exactly what to enter into the command line. I’ve been just downloading all this from the windows gui using the links…
Once you start the cmd , you can type in:
suricata -i 10.0.2.15 -c suricata.yaml
for example. Where the -i is the IP of the sniffing interface you want to sniff on.
Thank you Peter. I will give that a try.