Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort core dumped (fwd)

From: Roman Danyliw <rdd () cert org>
Date: Thu, 10 Jan 2002 14:26:11 -0500


---------- Forwarded Message ----------
Date: Thursday, January 10, 2002 1:26 PM +0800
From: Sinbad <securitymail () 263 net>
To: bugtraq () securityfocus com
Subject: Snort core dumped


Run snort:
# snort -dev host 192.168.0.3 and 192.168.0.1

Ping 192.168.0.1 from 192.168.0.3 within one data in payload:
# ping -c 1 -s 1 192.168.0.1

Snort's output showed below:
-*> Snort! <*-
Version 1.8.3 (Build 88)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
01/10-11:34:43.898282 0:80:AD:78:83:BB -> 0:E0:18:C4:52:76 type:0x800
len:0x2B 192.168.0.3 -> 192.168.0.1 ICMP TTL:64 TOS:0x0 ID:0 IpLen:20
DgmLen:29 DF Type:8  Code:0  ID:9435   Seq:0  ECHO
Segmentation fault (core dumped)

hmm... core dumped!

while with the '-X' option works well. :)

Have you ever seen this happened?


Regards,
Sinbad

---------- End Forwarded Message ----------





_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: