Snort mailing list archives
Snort precompiled rule causes segfault
From: Peter Fyon <peter.fyon () gmail com>
Date: Mon, 6 Oct 2014 20:54:46 -0400
Hey snort-users, There's a rule in the precompiled protocol-dns.so rules that causes snort to segfault under my ubuntu 14.04 install. I tried adding protocol-dns.so to my ignore= directive in pulledpork.conf, but it was still processing and adding the so to my so_rules directory. I ended up having to remove the so itself, but would rather be able to disable it in my pulledpork config. Better still would be to figure out the sid of the bad rule and disable it specifically. Does anyone know how to get the sid of a rule from an so when it segfaults? Peter
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort precompiled rule causes segfault Peter Fyon (Oct 06)