Snort mailing list archives

Re: IPv4 Warnings

From: Fyodor <fygrave () tigerteam net>
Date: Mon, 2 Jul 2001 03:54:52 +0700

On Sun, Jul 01, 2001 at 12:43:40PM -0300, Marcelo Gulin wrote:

Hi!

  I'm running snort 1.7 in linux box with kernel 2.4.3.

  The command line to start snort is:

   ./snort -A full -c snort.conf -d -D -u snort -g snort -h 192.168.10.0/24 
-s -M wrk.conf -i ppp0 -l /var/log/snort -v

  Work good but my /var/log/messages is full (90%) of:

   "Jul 1 12:58:23 gateway snort[757]: [!] WARNING: Not IPv4 datagram! ([ver: 
0x2][len: 0x2e2e])"

  what that messages means?


Some corrupted/strange/odd datagram has been received. Although len
0x2e2e looks _DODGY_! :)


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

IPv4 Warnings Marcelo Gulin (Jul 01)
- Re: IPv4 Warnings Fyodor (Jul 01)