Snort mailing list archives
Captured data length < Ethernet header length
From: "Mark Anderson" <cronus () whitedust net>
Date: Thu, 31 Jan 2002 11:03:50 -0000
Forgive me if this has been discussed already but I am a new subscriber to the list. I'm running Snort Version 1.8.1-RELEASE (Build 74) which is probably an old version but I haven't had the chance to update it. I regularly get the following message in my syslog; snort: Captured data length < Ethernet header length! (0 bytes) I was hoping someone could shed some light on what it means. I'm not even sure how to write a snort rule to determine which machine it in on the network thats generating these packets. Or is it my copy of snort ? Any help would be greatly appreciated. Mark Anderson.
Current thread:
- Captured data length < Ethernet header length Mark Anderson (Jan 31)