Snort mailing list archives
Re: segfault - how to troubleshoot
From: Doug Burks <doug.burks () gmail com>
Date: Tue, 31 Jan 2012 13:54:11 -0500
It happened at 7:01, which is the time of our daily cronjob in Security Onion to run PulledPork and restart Snort. I'll look into it. Thanks, Doug On Tue, Jan 31, 2012 at 1:16 PM, Russ Combs <rcombs () sourcefire com> wrote:
On Tue, Jan 31, 2012 at 12:53 PM, Mark W. Jeanmougin <mark.jeanmougin () cchmc org> wrote:On 01/31/2012 11:56 AM, Joe S wrote:Any recommendation on how to troubleshoot? Snort was running for 22 hours.Was a core dump generated? To see if core dumps are enabled, run "ulimit -a". The top line is for "core file size". If it is set to zero, then you won't get one. Running "ulimit -c unlimited" before you start snort will enable them.Also, the core will be more informative if you can build with ./configure --enable-debug. If you use gcc, that will still produced optimized code so the performance hit shouldn't be too much. What happened 22 hours ago? Did you reconfigure or load new rules? Any new so rules?MJ ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- Doug Burks SANS GSE and Community Instructor Security Onion | http://securityonion.blogspot.com President, Greater Augusta ISSA | http://augusta.issa.org Please vote for Security Onion for 2011 Toolsmith Tool of the Year! | http://goo.gl/PwTDi ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- segfault - how to troubleshoot Joe S (Jan 31)
- Re: segfault - how to troubleshoot Mark W. Jeanmougin (Jan 31)
- Re: segfault - how to troubleshoot Russ Combs (Jan 31)
- Re: segfault - how to troubleshoot Doug Burks (Feb 01)
- Re: [Spam] Re: segfault - how to troubleshoot Lay, James (Feb 01)
- Re: [Spam] Re: segfault - how to troubleshoot Martin Holste (Feb 01)
- Re: segfault - how to troubleshoot Russ Combs (Jan 31)
- Re: segfault - how to troubleshoot Mark W. Jeanmougin (Jan 31)