Snort mailing list archives
RE: Memory leak in 1.9.0?
From: "L. Christopher Luther" <CLuther () Xybernaut com>
Date: Fri, 17 Jan 2003 16:01:44 -0500
The WinPCap FAQ also seems to indicate that BSODs can occur, and at least w/ my SMP Snort sensor, I've gotten one or two BSODs, esp. when I'm messing around a lot w/ the Snort config and doing a lot of start/stop/restart of the Snort process. Unfortunately, I am not aware of any other packet capture drivers under Win32. :{ Maybe raw sockets?! - Christopher -----Original Message----- From: David Wilkinson [mailto:dwilkinson () adalis com] Sent: Friday, January 17, 2003 3:41 PM To: L. Christopher Luther Subject: RE: Memory leak in 1.9.0? Sensitivity: Confidential Christopher, Thank you. Yes, I was aware of the SMP issue with winpcap, which is why we are running V 2.02. All of the research we had done pointed to a time stamp issue with the SMP configuration which has little or no consequence to us as a NIDS program. Is there another packet capture method you are familiar with? David -----Original Message----- From: L. Christopher Luther [mailto:CLuther () Xybernaut com] Sent: Friday, January 17, 2003 10:58 AM To: 'David Wilkinson' Cc: Snort-Users (E-mail) Subject: RE: Memory leak in 1.9.0? Sensitivity: Confidential Are you sure it's Snort that is causing the memory leak and not WinPCap (Task Manager will not delineate the memory used by snort.exe alone vs snort.exe wpcap.dll)? As you may or may not know, WinPCap does not officially support SMP platforms (see http://winpcap.polito.it/misc/faq.htm#Q-15), so it's very possible that WinPCap is the culprit, and Snort 2.0 will not solve your problems. IMHO, - Christopher [...snip...]
Current thread:
- Memory leak in 1.9.0? David Wilkinson (Jan 17)
- Re: Memory leak in 1.9.0? Bennett Todd (Jan 17)
- <Possible follow-ups>
- RE: Memory leak in 1.9.0? L. Christopher Luther (Jan 17)
- RE: Memory leak in 1.9.0? L. Christopher Luther (Jan 17)