Snort mailing list archives

Re: Snort-users Digest, Vol 133, Issue 4


From: yunus emre <yunusemre09 () hotmail com>
Date: Mon, 5 Jun 2017 16:39:47 +0000

Remove me from your mailing list 😡😡😡😡

Sent from my iPhone

On 05 Jun 2017, at 18:00, "snort-users-request () lists sourceforge net" <snort-users-request () lists sourceforge net> wrote:

Send Snort-users mailing list submissions to
   snort-users () lists sourceforge net

To subscribe or unsubscribe via the World Wide Web, visit
   https://lists.sourceforge.net/lists/listinfo/snort-users
or, via email, send a message with subject or body 'help' to
   snort-users-request () lists sourceforge net

You can reach the person managing the list at
   snort-users-owner () lists sourceforge net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Snort-users digest..."


When responding, please don't respond with the entire Digest.  Please trim your response.

Today's Topics:

  1. Re: Barnyard2 -ERROR: Unable to allocate memory! (3737895080
     requested) (wkitty42 () windstream net)
  2. Snort error (Gamze Kaygısız)
  3. Re: Snort error (Gamze Kaygısız)
  4. snort-floodlight (ayşen acun)
  5. Re: Snort error (Cynthia Leonard (cyleonar))
  6. Re: snort-floodlight (Joel Esler (jesler))


----------------------------------------------------------------------

Message: 1
Date: Fri, 2 Jun 2017 16:16:27 -0400
From: wkitty42 () windstream net
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Barnyard2 -ERROR: Unable to allocate
   memory! (3737895080 requested)
Message-ID: <a43f6959-c941-1a45-e73e-aeea9e658b53 () windstream net>
Content-Type: text/plain; charset=utf-8; format=flowed

On 06/02/2017 12:38 AM, ?moon sun? ? wrote:
 I used hping3 to simulate a DoS attack by:
$ sudo hping3 example.com -c 10000 -d 120 -S -w 64 --flood -p 80
And I logged it with Snort to a log file.

Then I used barnyard2 to send this log file to snort mysql, but it gives me this error:


ERROR: Unable to allocate memory!  (3737895080 requested)
Fatal Error, Quitting..
Barnyard2 exiting
database: Closing connection to database "snort"

Before simulating the DoS attack and logging it, it was working fine.
Why does this happen and how can I fix it?

it is trying to allocate 3Gig of RAM... i'd imagine that that's a pretty large 
U2 file it is trying to deal with...


FWIW: quoting from https://github.com/firnsy/barnyard2

------------------------------------------------------------------------------
4. CONTACT
------------------------------------------------------------------------------

You can contact the barnyard2 team and user base for question/help debugging 
issue concerning barnyard2 by using our mailing lists.

barnyard2-users () googlegroups com
AND
barnyard2-devel () googlegroups com



-- 
 NOTE: No off-list assistance is given without prior approval.
       *Please keep mailing list traffic on the list unless*
       *a signed and pre-paid contract is in effect with us.*



------------------------------

Message: 2
Date: Mon, 5 Jun 2017 17:01:05 +0300
From: Gamze Kaygısız <gamzekaygisiz47 () gmail com>
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort error
Message-ID:
   <CAMwVf+CFfKTji5PKPo0y87GdV_Ggyen08vB7nj0HuYtR7UrigQ () mail gmail com>
Content-Type: text/plain; charset="UTF-8"

When I write the command "snort -Q --daq nfq --daq-mode inline --daq-var
queue=0 -c /etc/snort/snort.conf -A Console -l /var/log/snort/" I get this
message : "HttpInspectConfigCheck() default server configuration not
specified Fatal Error, Quitting.." What is the problem? Could you help me??


------------------------------

Message: 3
Date: Mon, 5 Jun 2017 17:04:04 +0300
From: Gamze Kaygısız <gamzekaygisiz47 () gmail com>
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Snort error
Message-ID:
   <CAMwVf+DmhJFuSyLSYj+XXp69kenQgLvPOCYFc_m2kq7R5yK=Tg () mail gmail com>
Content-Type: text/plain; charset="UTF-8"

https://www.youtube.com/watch?v=41HLTF-8omU&t=27s
this video

2017-06-05 17:01 GMT+03:00 Gamze Kaygısız <gamzekaygisiz47 () gmail com>:

When I write the command "snort -Q --daq nfq --daq-mode inline --daq-var
queue=0 -c /etc/snort/snort.conf -A Console -l /var/log/snort/" I get this
message : "HttpInspectConfigCheck() default server configuration not
specified Fatal Error, Quitting.." What is the problem? Could you help me??


------------------------------

Message: 4
Date: Mon, 5 Jun 2017 17:33:05 +0300
From: ayşen acun <aysenacun () gmail com>
To: snort-users () lists sourceforge net
Subject: [Snort-users] snort-floodlight
Message-ID:
   <CAEcSGmqRV7gzL8hPQ8rLQ7HshWEgQvwtJTWktz2Tec678cMwLA () mail gmail com>
Content-Type: text/plain; charset="UTF-8"

Hi All,

I have a question that is related to SDN security. We use the FloodLight SDN
Controller. So can I integrate Snort with
the FloodLight SDN Controller for IDS?


------------------------------

Message: 5
Date: Mon, 5 Jun 2017 14:05:56 +0000
From: "Cynthia Leonard (cyleonar)" <cyleonar () cisco com>
To: Gamze Kaygısız <gamzekaygisiz47 () gmail com>,
   "snort-users () lists sourceforge net"
   <snort-users () lists sourceforge net>
Subject: Re: [Snort-users] Snort error
Message-ID: <53da8b6b835b4074b094a1f14952756a () XCH-RTP-009 cisco com>
Content-Type: text/plain; charset="utf-8"

Hi,
Please share the contents of your snort.conf.

Regards
Cynthia

-----Original Message-----
From: Gamze Kaygısız [mailto:gamzekaygisiz47 () gmail com]
Sent: Monday, June 5, 2017 7:31 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort error

When I write the command "snort -Q --daq nfq --daq-mode inline --daq-var
queue=0 -c /etc/snort/snort.conf -A Console -l /var/log/snort/" I get this message : "HttpInspectConfigCheck() 
default server configuration not specified Fatal Error, Quitting.." What is the problem? Could you help me??
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org!
http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------

Message: 6
Date: Mon, 5 Jun 2017 14:58:23 +0000
From: "Joel Esler (jesler)" <jesler () cisco com>
To: ayşen acun <aysenacun () gmail com>
Cc: "snort-users () lists sourceforge net"
   <snort-users () lists sourceforge net>
Subject: Re: [Snort-users] snort-floodlight
Message-ID: <7F0F7EF4-D50A-493D-99D3-B6848A8105A7 () cisco com>
Content-Type: text/plain; charset="utf-8"

While I have heard of FloodLight, I have not heard of anyone integrating Snort into it.  But it's open source.  Seems like someone could take the task on.

--
Joel Esler | Talos: Manager | jesler () cisco com

On Jun 5, 2017, at 10:33 AM, ayşen acun <aysenacun () gmail com> wrote:

Hi All,

I have a question that is related to SDN security. We use the FloodLight SDN
Controller. So can I integrate Snort with
the FloodLight SDN Controller for IDS?


------------------------------


End of Snort-users Digest, Vol 133, Issue 4
*******************************************