Snort mailing list archives
Re: Diagnosing snort 2.7.0 seg fault
From: "M. Shirk" <shirkdog_list () hotmail com>
Date: Wed, 01 Aug 2007 10:31:58 -0400
Are you running bleeding threat rules?If so, that is probably the problem. There are several rules with zero content and flow tags that are causing issues in Snort 2.7
Here is my disablesid list from oinkmaster: disablesid 2002758 disablesid 2002742 disablesid 2003068 disablesid 2001874 disablesid 2001984 disablesid 2001219I think 2001874 has been fixed, it was a syntax error, but just try to run without those rules.
Shirkdog ' or 1=1-- http://www.shirkdog.us
From: James Lay <jlay () slave-tothe-box net> To: Snort <snort-users () lists sourceforge net> Subject: [Snort-users] Diagnosing snort 2.7.0 seg fault Date: Wed, 01 Aug 2007 08:29:15 -0600 Hey all! I upgraded from 2.4.0 to 2.7.0 as well as moved it to a chroot environment. Snort now seg faults at the end with: Not Using PCAP_FRAMES Segmentation fault What information can I provide/take a look at to determine how to fix this? Gdb or ptrace or something like that? Thank you. James ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_________________________________________________________________Don't get caught with egg on your face. Play Chicktionary! http://club.live.com/chicktionary.aspx?icid=chick_hotmailtextlink2
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Diagnosing snort 2.7.0 seg fault James Lay (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault M. Shirk (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault Matthew Watchinski (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault Justin Heath (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault James Lay (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault Colin Grady (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault Todd Wease (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault Matthew Watchinski (Aug 01)
- Re: Diagnosing snort 2.7.0 seg fault M. Shirk (Aug 01)