Snort mailing list archives
Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing
From: Steven Sturges <ssturges () sourcefire com>
Date: Sun, 24 Apr 2011 21:03:33 -0400
Hi Michael-- What is your specific Snort version (md5sum of Snort Installer)... what version of Winpcap? Thanks -steve On 4/24/11 9:10 AM, Michael Steele wrote:
We are moving a single sensor to Server 2008 Standard x86 (SP2) for testing, and have installed all the latest stable releases of Snort and the rules. When Snort is ran in test mode (-T), Snort crashes. Problem signature: Problem Event Name: APPCRASH Application Name: snort.exe Application Version: 0.0.0.0 Application Timestamp: 4d6bee97 Fault Module Name: ntdll.dll Fault Module Version: 6.0.6002.18327 Fault Module Timestamp: 4cb73436 Exception Code: c0000005 Exception Offset: 000673dd OS Version: 6.0.6002.2.2.0.272.7 Locale ID: 1033 Additional Information 1: e0db Additional Information 2: e7f302e56a308d08c2241ce00f9533a4 Additional Information 3: 76e5 Additional Information 4: 433447cb6324885dd898e259eeaa4d08 Going into the sensitive-data.rules file, all the rules must be disabled before Snort will run. This is not happening with Server 2003, or XP with the exact same configuration. Any help will be greatly appreciated, possibly a bug? Kindest regards, Michael... WINSNORT.com Management Team Member ------------------------------------------------------------------------------ Fulfilling the Lean Software Promise Lean software platforms are now widely adopted and the benefits have been demonstrated beyond question. Learn why your peers are replacing JEE containers with lightweight application servers - and what you can gain from the move. http://p.sf.net/sfu/vmware-sfemails _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
------------------------------------------------------------------------------ Fulfilling the Lean Software Promise Lean software platforms are now widely adopted and the benefits have been demonstrated beyond question. Learn why your peers are replacing JEE containers with lightweight application servers - and what you can gain from the move. http://p.sf.net/sfu/vmware-sfemails _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele (Apr 24)
- Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Steven Sturges (Apr 24)
- Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele (Apr 24)
- <Possible follow-ups>
- Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele (May 08)
- Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Steven Sturges (May 08)
- Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele (May 09)
- Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Steven Sturges (May 08)
- Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Steven Sturges (Apr 24)