Re: Continuous packet streaming on boot of CentOS 6.3 64 bit

[Mayur Patil <ram.nath241089 () gmail com>]

The snort message is as follows:

Initializing output plugins !!

pcap DAQ is configured to passive.

Acquiring network traffic from "eth0"

Decoding ethernet

    --==Initialization Complete==--

SNort
.
.
.
. //messages of version number
.
.
.

Commencing packet processing (pid=1668)

and stopped there !!

I have unplugged n/w cable and got above output.

Does "shell in" means getting grub console then yes !!

I can get grub console.

Looking forward for guidance,
*
--
Cheers,
Mayur*

On Tue, Jun 11, 2013 at 1:45 PM, Russ Combs <rcombs () sourcefire com> wrote:

> On Tue, Jun 11, 2013 at 4:12 AM, Mayur Patil <ram.nath241089 () gmail com>wrote:
>
> > Thanks Russ sir for reply.
> >
> > My problem is I am unable to log into command line mode  i.e. Ctrl+Alt+F2
> >
> > and also GUI mode of CentOS. And after that I have to add this path.
> >
> > Would you please guide me how to do that it will be a great help !!
> >
> > Can you shell in?  If that doesn't work, try unplugging your network
> cable(s).
>
>
> > Thank you !!
> > --
> > *Cheers,
> > Mayur*.
> >
> > On Tue, Jun 11, 2013 at 1:33 PM, Russ Combs <rcombs () sourcefire com>wrote:
> >
> > > On Tue, Jun 11, 2013 at 3:41 AM, Mayur Patil <ram.nath241089 () gmail com>wrote:
> > >
> > > > Hello,
> > > >
> > > >  I am seeing something like this
> > > >
> > > >  *06/11 11:0246  10.1.46.123:136 -> 10.1.46.255:137*
> > > >  * UDP:TTL :128 TOS:8 ID:20 IpLen:20 DgmLen:78 Len:50
> > > >
> > > > * in continuous streaming of packets.
> > > > *
> > > > *
> > > > * *Now I am sure that this is the Snort startup script problem.....!!
> > > >
> > > >  At the starting I have seen message  *starting snort in packet dump
> > > > mode*
> > > >
> > > >  Please help how to disable this mode or disable snort script from
> > > > loading at boot time??
> > >
> > > *Running in packet dump mode is because you don't have a "-c
> > > path/snort.conf" option on your command line. *
> > >
> > > > On Tue, Jun 11, 2013 at 11:00 AM, Mayur Patil <ram.nath241089 () gmail com
> > > > > wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > >    I have stuck on one issue. I am unable to see either GUI or CLI for
> > > > > CentOS 6.3.
> > > > >
> > > > >    Description as follows:
> > > > >
> > > > >    I was just checking my snort script on centos machine yesterday. So
> > > > > I left machine as it is.
> > > > >
> > > > >    When I come today, screen location has changed on desktop so I
> > > > > adjusted and reboot.
> > > > >
> > > > >    When I reboot it takes much time to boot, so I press any key on
> > > > > keyboard it shows
> > > > >
> > > > >    fast continuous streaming, no idea of what, seems like to be many
> > > > > packets
> > > > >
> > > > >    Somewhat
> > > > >
> > > > >    UDP---TLS-----255.255.255.0 ------------------->
> > > > >
> > > > >     like this. When I try to load the Ctrl+Alt+f2 nothing happens.
> > > > >
> > > > >     I am also unable to login through Putty but I am able to ping the
> > > > > machine.
> > > > >
> > > > >     How to stop this packet steaming??
> > > > >
> > > > >     Need help please!!
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!