Snort mailing list archives
HELP PLS!! #Snort received signal 3, exiting
From: "rick" <sun.admin () home com>
Date: Fri, 14 Sep 2001 00:09:36 -0400
Hi Gurus,
I just installed Snort 1.81 (Version 1.8.1-RELEASE (Build 74)) a couple of days ago.
I used it to analyze the data I collected from tcpdump (sniffing @0.0.0.0).
I also downloaded the latest ruleset from sourcefire. Since I am just testing
this product, and my tcpdump -w output is very small, I just used the
default ruleset from snort, at the end of snort.conf:
include sql.rules
include x11.rules
include icmp.rules
include shellcode.rules
include misc.rules
include policy.rules
include info.rules
include icmp-info.rules
include virus.rules
include local.rules
However, every time I use snort -r to read the tcpdump -w output, I get
#snort received signal 3, exiting ALL THE TIME.. so I can't tell the
integrity of the output.
I am running snort on Solaris7sparc(64bit) 300Mhz, 4Gb, 128Mb, and that sun
box is not running anything else except snort... I can't see what's wrong..
Here's the actual output.. Any help is appreciated!!!! thx in advance
**************************************************************************
--== Initializing Snort ==--
TCPDUMP file reading mode.
Reading network traffic from "/usr/tcp/tcpdump20010910" file.
snaplen = 68
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file snort.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
Fragment timeout: 60 seconds
Fragment memory cap: 4194304 bytes
Stream4 config:
Stateful inspection: ACTIVE
Session statistics: INACTIVE
Session timeout: 30 seconds
Session memory cap: 8388608 bytes
State alerts: INACTIVE
Scan alerts: ACTIVE
No arguments to stream4_reassemble, setting defaults:
Reassemble client: ACTIVE
Reassemble server: INACTIVE
Reassemble ports: 21 23 25 53 80 143 110 111 513
Reassembly alerts: ACTIVE
Back Orifice detection brute force: DISABLED
Using LOCAL time
1150 Snort rules read...
1150 Option Chains linked into 151 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++
Rule application order: ->activation->dynamic->alert->pass->log
--== Initialization Complete ==--
-*> Snort! <*-
Version 1.8.1-RELEASE (Build 74)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
===============================================================================
Snort processed 459277 packets.
Breakdown by protocol: Action Stats:
TCP: 206104 (44.876%) ALERTS: 1027
UDP: 177782 (38.709%) LOGGED: 101
ICMP: 92 (0.020%) PASSED: 0
ARP: 12389 (2.698%)
IPv6: 0 (0.000%)
IPX: 0 (0.000%)
OTHER: 62815 (13.677%)
===========================================
Fragmentation Stats:
Fragmented IP Packets: 95 (0.021%)
Rebuilt IP Packets: 0
Frag elements used: 0
Discarded(incomplete): 0
Discarded(timeout): 32
============================================
TCP Stream Reassembly Stats:
TCP Packets Used: 101571 (22.115%)
Reconstructed Packets: 0 (0.000%)
Streams Reconstructed: 6865
=============================================
Snort received signal 3, exiting
***********************************************************************
thx , rick
