Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snort exiting oddly..

From: Tremaine Lea <Tremaine () cavelier net>
Date: Tue, 19 Jun 2001 02:15:43 -0600
Being relatively new to snort, I'm unsure what the information below is 
telling me.  All I know for sure is that at some point it stops logging to 
mysql...  I only noticed it when I had a portscan mailed to me by snort and 
the portscan wasn't showing in ACID.  Any ideas?


-*> Snort! <*-
Version 1.7
By Martin Roesch (roesch () clark net, www.snort.org)
[!] WARNING: TCP stream reassembler, Server Bytes in Buffer > Buffer Size
(49701 > 48504)[!] WARNING: TCP stream reassembler, Server Bytes in Buffer >
Buffer Size (53632 > 48504)[!] WARNING: TCP stream reassembler, Server Bytes
in Buffer > Buffer Size (40844 > 22176)[!] WARNING: TCP stream reassembler,
Server Bytes in Buffer > Buffer Size (24460 > 22176)[!] WARNING: TCP stream
reassembler, Server Bytes in Buffer > Buffer Size (59409 > 48504)
Exiting...
database: Closing mysql connection to database "snort"


=============================================================================
== Snort received 1023705 packets and dropped 0(0.000%) packets

Breakdown by protocol:                Action Stats:
    TCP: 1055972    (103.152%)         ALERTS: 23
    UDP: 38716      (3.782%)          LOGGED: 23
   ICMP: 233        (0.023%)          PASSED: 0
    ARP: 1420       (0.139%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 0          (0.000%)
DISCARD: 0          (0.000%)
=============================================================================
== Fragmentation Stats:
Fragmented IP Packets: 0          (0.000%)
   Rebuilt IP Packets: 0
   Frag elements used: 0
Discarded(incomplete): 0
   Discarded(timeout): 0
=============================================================================
== TCP Stream Reassembly Stats:
   TCP Packets Used:      243689     (23.805%)
   Reconstructed Packets: 72636      (7.095%)
   Streams Reconstructed: 5194
=============================================================================
==

--
Tremaine Lea

Doing things the hard way.  Every time.

-------------------------------------------------------

-- 
Tremaine Lea

Doing things the hard way.  Every time.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: