[Snort-devel] (no subject)

Vincent Chen vctw at ...398...
Wed Nov 28 18:45:01 EST 2001


Dear sir,

I'd like to report a possible bug. All information I
got
listed below:


System Architecture: x86 - AMD 5x86 133MHz
Operating System: snort-1.8.2 on FreeBSD 4.4 release

Rules used:
include exploit.rules
include scan.rules
include finger.rules
include ftp.rules
include telnet.rules
include smtp.rules
include rpc.rules
include rservices.rules
include dos.rules
include ddos.rules
include dns.rules
include tftp.rules
include web-cgi.rules
include web-coldfusion.rules
include web-frontpage.rules
include web-iis.rules
include web-misc.rules
include web-attacks.rules
include sql.rules
include x11.rules
include icmp.rules
include netbios.rules
include misc.rules
include attack-responses.rules
include backdoor.rules
include shellcode.rules
include policy.rules
include info.rules

Startup command line:
snort -D -N -i tun0 -A full -u operator -g operator -t
/home/operator/snort -c /conf/snort.conf -l /log

Log messages:

<Startup>
Nov 29 08:39:27 bach snort: PID stat checked out ok,
PID set to /var/run/
Nov 29 08:39:27 bach snort: Writing PID file to
"/var/run/"
Nov 29 08:39:27 bach snort: Initializing daemon mode
Nov 29 08:39:27 bach /kernel: tun0: promiscuous mode
enabled
Nov 29 08:39:27 bach snort: PID stat checked out ok,
PID set to /var/run/
Nov 29 08:39:27 bach snort: Writing PID file to
"/var/run/"
Nov 29 08:39:28 bach snort: WARNING: command line
overrides rules file alert plugin!
Nov 29 08:39:38 bach snort: Snort initialization
completed successfully, Snort running

<Abort>
Nov 29 08:47:03 bach /kernel: pid 344 (snort), uid 2:
exited on signal 11      
Nov 29 08:47:03 bach /kernel: tun0: promiscuous mode
disabled


__________________________________________________
Do You Yahoo!?
Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
http://geocities.yahoo.com/ps/info1




More information about the Snort-devel mailing list