Snort mailing list archives
Re: Snort Problems -- access etc
From: Brad Lhotsky <lhotskyb () mail nih gov>
Date: Tue, 08 Nov 2005 18:40:05 -0500
We've had some issues with IPv6 with Fedora Core 4. Until it stops exhibiting strange behavior, we've been disabling it:
/etc/sysconfig/network NETWORKING_IPV6=no /etc/modprobe.conf alias net-pf-10 off alias ipv6 offIf you still have problems, it could be something strange with hyper threading. I've been setting things up with postgresql and remember seeing a message about pgsql having performance problems with HT enabled. Granted, you're not using pgsql, but I'd try disabling HT for a day and seeing if you still get that weird behavior if disabling IPv6 doesn't help.
Timothy A. Holmes wrote:
I am on the trail of a puzzle here: I have a FC4 box running SNORT, and the associated processes (httpd, mysql, etc) to keep it happy. It is monitoring on one port which is outside our firewall, and is talking to the inside on another port. At times, everything seems happy happy, but other times, I try to hit the box, and cannot get in either via http, or via ssh, the requests keep timing out I fed it the uptime command and all of the load averages came back as0.00,The box is a Pentium 4, 2.0 HT with one gig of memory and a 40 gig hard drive I could sure use some help tracking this down, I cannot rely on SNORT till I can get these access problems resolved. I am also interested in using this as a learning tool for diagnosing this type of problems in the future, so if you can include thoughts on strategy etc that would be greatly appreciated. Thanks TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer TeacherMedina Christian AcademyA Higher Standard...Jeremiah 33:3Jeremiah 29:11 Esther 4:14 ------------------------------------------------------- SF.Net email is sponsored by:Tame your development challenges with Apache's Geronimo App Server. Downloadit for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Brad Lhotsky <lhotskyb () grc nia nih gov> NCTS Computer Specialist Phone: 410.558.8006
Current thread:
- Snort Problems -- access etc Timothy A. Holmes (Nov 08)
- Re: Snort Problems -- access etc Gene R Gomez (Nov 08)
- Re: Snort Problems -- access etc Brad Lhotsky (Nov 08)