Bugtraq mailing list archives
Re: Snort core dumped
From: KF <dotslash () snosoft com>
Date: Thu, 10 Jan 2002 15:35:10 -0500
[root@xxx xxxx]# ps -ef | grep snort snort �� 10283 ����1��2 17:17 ? �� ����00:00:00 /usr/sbin/snort -u snort -g snorroot ����10292 10252��0 17:17 pts/2 �� 00:00:00 [xxxx@xxx xxxx]$ ping -c1 -s1 xxx.xxxxxx.com PING xxx.xxxxxxx.com (111.111.111.111) from 111.111.111.111: 1(29) bytes of data. 9 bytes from xxx.xxxxxxxx.com (192.168.1.103): icmp_seq=0 ttl=255 --- xxx.xxxxxxxxx.com ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss [root@xxx xxxxxxxx]# ps -ef | grep snort root ����10328 10252��0 17:18 pts/2 �� 00:00:00 grep snort -KF Sinbad wrote:
Run snort: # snort -dev host 192.168.0.3 and 192.168.0.1 Ping 192.168.0.1 from 192.168.0.3 within one data in payload: # ping -c 1 -s 1 192.168.0.1 Snort's output showed below: -*> Snort! <*- Version 1.8.3 (Build 88) By Martin Roesch (roesch () sourcefire com, www.snort.org) 01/10-11:34:43.898282 0:80:AD:78:83:BB -> 0:E0:18:C4:52:76 type:0x800 len:0x2B 192.168.0.3 -> 192.168.0.1 ICMP TTL:64 TOS:0x0 ID:0 IpLen:20 DgmLen:29 DF Type:8 Code:0 ID:9435 Seq:0 ECHO Segmentation fault (core dumped) hmm... core dumped! while with the '-X' option works well. :) Have you ever seen this happened? Regards, Sinbad
Current thread:
- Snort core dumped Sinbad (Jan 10)
- Re: Snort core dumped KF (Jan 10)
- Re: Snort core dumped Martin Roesch (Jan 11)