Snort mailing list archives

Help!! Problem testing Snort


From: Gema de Toro Sánchez <detorosanchez () yahoo es>
Date: Mon, 9 Feb 2004 14:48:22 +0100 (CET)


Hi! Please, I need help!!

I'm testing Snort with Stick. I run Stick with Snort signatures, but Snort doesn't detect them as I expected. I only get a lot of identical alerts like this:

snort_decoder: Invalid UDP header, length field <8     snort_decoder:Unknown Datagram Decoding Problem

I get an important number of discarded packets too, but I don't understand exactly what this means or whether there is any relation. I'm really worried because I'm not sure whether the detection motor is working properly for signature detection. Most of the time, Snort sends preprocessor messages (alerts), except for some ICMP or BAD-TRAFFIC rule alerts. It seems strange, doesn't it?

Snort analyzed 3010 out of 3010 packets, dropping 0(0.000%) packets

Breakdown by protocol:      Action Stats:
TCP: 2122 (70.498%)         ALERTS: 368
UDP: 238 (7.907%)           LOGGED: 736
ICMP: 622 (20.664%)         PASSED: 0
ARP: 16 (0.532%)
EAPOL: 0 (0.000%)
IPv6: 0 (0.000%)
IPX: 0 (0.000%)
OTHER: 0 (0.000%)
DISCARD: 250 (8.306%)

I'm sorry if my English is difficult to understand!!

Cheers!!


