Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Fw: [HELP] snort stop processing on "Initializing rule chains" issue

From: Rachmat Hidayat Al-Anshar <rachmat_hidayat_02 () yahoo com>
Date: Fri, 28 Dec 2007 20:29:55 -0800 (PST)

Ow, I have a wrong understanding about this, before I was thinking 
that Snort stuck its process because of RAM lacking. 

How is it Joel, the snort machine still stuck???
Now I using 768 MB of memory :'((

Help meee...
Thanks
Rachmat Hidayat Al Anshar


----- Forwarded Message ----
From: Rachmat Hidayat Al-Anshar <rachmat_hidayat_02 () yahoo com>
To: snort <Snort-users () lists sourceforge net>
Sent: Saturday, December 29, 2007 10:58:06 AM
Subject: Re: [Snort-users] [HELP] snort stop processing on "Initializing rule chains" issue



<rachmat_hidayat_02 () yahoo com> wrote:

Now I am using 512 MB of RAM and Snort still stuck on the road...
after Not Using PCAP_FRAMES...

What do you mean by stuck on the road ? Can you give us a screenshot
of Snort running on your computer ?

Snort stuck its process, there is no any clue or message at all for this issue. 
I am using TSL for snort box, and I using the default env. (without xserver)
I can't capture any screenshot, (i didn't also remote it using ssh (^^!))

- Have you test your Snort installation first to test all your rules,
using -t (if I am not mistaken) ?

Yes indeed, I have test it using this following command:
snort -c /etc/snort/snort.conf -T

- Are you using Snort as a Daemon ?

Nope, for a first shake its run with this following command
snort -c /etc/snort/snort.conf -A console -K ascii 
so I can notice what was snort done to console.

- Are there any traffic on your network that is monitored by Snort
 ?

Nope, because my snort was hanging around the process, there
is no packets was detected, even for a small parts. 

Just like Joel says, that my box was lack of memory, 
now I am trying to use 1 GB of memory :)

Thanks for your response Tedi :)
Happy days...
Rachmat Hidayat Al Anshar

-- 
cheers,

tedi
Blog      :
 http://theriyanto.wordpress.com
Website : http://tedi.heriyanto.net
You Need More Than Awareness : Stay Alert!







      Never miss a thing.   Make Yahoo your homepage.







      ____________________________________________________________________________________
Never miss a thing.  Make Yahoo your home page. 
http://www.yahoo.com/r/hs
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: