Snort mailing list archives
Possible Snort bug.
From: Glenn Larsson <ichinin () swipnet se>
Date: Tue, 07 May 2002 03:47:32 +0200
Hi. This happened when i moving files from System A to B (The data i was moving at the time was an assortment of exploits, security tools, documents and images, but that shouldn't matter right?) When i looked back at System B, this was pouring out on the snort console: "Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes) Captured data lenght < Ethernet header lenght! (0 bytes)" (and so on) I tried to ping the system to see if it showed output of the ICMP packet, but nope - it did not see my icmp traffic, it appeared "locked" in a loop. Tech Specs: ----------- System A = AMD K6-2 350, NT Srv 4.0, SP4, Protocols:IP and IPX System B = Intel Pentium 133, NT Srv 4.0, SP5, Protocols:IP and NetBEUI Packet driver = WinPcap 2.3 Snort Version = 1.8.5 (Win32) Commandline = Snort.exe -v -y -c snort.conf -l log Anyone know why this could have happened? Regards, Glenn _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: bandwidth () sourceforge net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Possible Snort bug. Glenn Larsson (May 07)