Snort mailing list archives

Re: Snort Segfaulting

From: Eric Hines <eric.hines () appliedwatch com>
Date: Mon, 07 Aug 2006 13:54:04 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Typo: Snort 2.3 and Snort 2.4 of course.

Best Regards,

Eric S. Hines, GCIA, CISSP
CEO, President, Chairman
Applied Watch Technologies, LLC


- --------------------------------------------------

Eric S. Hines, GCIA, CISSP
CEO, President, Chairman
Applied Watch Technologies, LLC

- --------------------------------------------------

Email:   eric.hines () appliedwatch com
Address: 1095 Pingree Road
         Suite 213
         Crystal Lake, IL
         60014
Tel:     (877) 262-7593 ext:327
Local:   (847) 854-5831
Fax:     (847) 854-5106
Web:     http://www.appliedwatch.com

- --------------------------------------------------
Security Management for the Open Source Enterprise





Eric Hines wrote:

All,

I am running in to a problem here on a Snort sensor that seems to be
segfaulting. For some reason this only happens with Snort 3.4. When
Snort 3.3 is used, the problem does not occur. I've tried (2) different
Linux distros at this point, both SuSE 9 and CentOS 4 -- the problem
occurs on both.

Snort does not log any crash details or information to the snort_log.

Has anyone run in to this? Does anyone know what the problem may be
attributed to?


[root@localhost bin]# /aw/sbin/snort2.4 -i eth0 -c
/usr/local/appliedwatch/agent/inst/agent.aWGz2T/data/snort/conf/snort.co
nf -l /usr/local/appliedwatch/agent/inst/agent.aWGz2T/var/snort/log


        --== Initialization Complete ==--

   ,,_     -*> Snort_Inline! <*-
  o"  )~   Version 2.4.5 (Build 29)
   ''''    By Martin Roesch & The Snort Team:
http://www.snort.org/team.html
           (C) Copyright 1998-2005 Sourcefire Inc., et al.
           Snort_Inline Mod by William Metcalf, Victor Julien, Nick
Rogness,
           Dave Remien, Rob McMillen and Jed Haile
 NOTE: Snort's default output has changed in version 2.4.1!
       The default logging mode is now PCAP, use "-K ascii" to activate
       the old default logging mode.

Segmentation fault

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE14xM1va6QYTV0EMRAtz+AJ9GbZ4hNpHUDtTQ5NtYHoK4g4cUMACdHThy
guNujlgAmVBWyd1RLQx7gMA=
=RFIZ
-----END PGP SIGNATURE-----

Attachment: eric.hines.vcf
Description:

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort Segfaulting Eric Hines (Aug 07)
- Re: Snort Segfaulting Eric Hines (Aug 07)
- Re: Snort Segfaulting Martin Roesch (Aug 07)
  - Re: Snort Segfaulting Will Metcalf (Aug 07)
  - Re: Snort Segfaulting Nerijus Krukauskas (Aug 18)