Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Signals

From: "Castle, Shane" <scastle () bouldercounty org>
Date: Tue, 1 Feb 2011 13:02:07 -0700
I have a problem with the signal issue. You REALLY need to read your man
page about signals. On most Linux systems, "man 7 signal" will tell you
what you want, but essentially, you should NEVER use the number of a
signal but always its name, e.g., "kill -USR1 <pid>" or "kill -s USR1
<pid>". The number corresponding to a signal changes with the Unix
implementation and the platform on which it is running.

-- 
Shane Castle
Data Security Mgr, Boulder County IT
CISSP GSEC GCIH

-----Original Message-----
From: Michael Scheidell [mailto:michael.scheidell () secnap com] 
Sent: Tuesday, February 01, 2011 12:36
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Rules with SDF options cannot have other
detection options in the same rule

On 2/1/11 1:56 PM, Joel Esler wrote: 

        That's not right.  I'll bug this on our side for our developers
to take a look.   
        Joel
        


Would you consider it a bug to fail on a signal 30, if system build with
targetbased, and doesn't have a targets.xml file?

You might ask, why send a signal 30 to reload the targets.xml file if
you don't have system compiled with --enable-targetbased?

(freebsd sends a signal 30 is you send it a SIGUSR1)

I might ask, if --enable-targetbased is NOT specified, why include the
code to look for the targets.xml file?




-- 
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300

| SECNAP Network Security Corporation 


*       Certified SNORT Integrator
*       2008-9 Hot Company Award Winner, World Executive Alliance
*       Five-Star Partner Program 2009, VARBusiness
*       Best in Email Security,2010: Network Products Guide
*       King of Spam Filters, SC Magazine 2008


________________________________

This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/

________________________________



------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: