[Snort-devel] Snort-Bug?

Pedro Bueno bueno at ...1117...
Tue Jan 29 17:45:04 EST 2002


Here it is:

1-System Architecture and 2-Operating System version
Linux flamengo 2.4.8-26mdk #1 Sun Sep 23 17:06:39 CEST 2001 i686 unknown

3-What rules:
include bad-traffic.rules
include exploit.rules
include scan.rules
include finger.rules
include ftp.rules
include telnet.rules
include smtp.rules
include rpc.rules
include rservices.rules
include dos.rules
include ddos.rules
include dns.rules
include tftp.rules
include web-cgi.rules
include web-misc.rules
include web-attacks.rules
include x11.rules
include icmp.rules
include misc.rules
include attack-responses.rules
include backdoor.rules
include shellcode.rules
include policy.rules
include porn.rules
include info.rules
include icmp-info.rules
include virus.rules
include local.rules

4-Command line switches:
snort-plain+flexresp -d -s -l /var/log/snort -h xxx.xxx.xxx.xxx/26  -c
/etc/snort/snort.conf

5-Error messages:(first line)
===============================================================================

Snort analyzed -36306944 out of 0 packets, dropping 36306944(inf%)
packets

Breakdown by protocol:                Action Stats:
      TCP: 753212     (0.018%)          ALERTS: 73514
      UDP: 34108      (0.001%)          LOGGED: 73514
      ICMP: 263        (0.000%)          PASSED: 0
      ARP: 1316       (0.000%)
      IPv6: 0          (0.000%)
      IPX: 0          (0.000%)
      OTHER: 0          (0.000%)
      DISCARD: 0          (0.000%)

===============================================================================

Fragmentation Stats:
Fragmented IP Packets: 0          (0.000%)
Fragment Trackers: 0
Rebuilt IP Packets: 0
Frag elements used: 0
Discarded(incomplete): 0
Discarded(timeout): 0
Frag2 memory faults: 0

===============================================================================

TCP Stream Reassembly Stats:
TCP Packets Used: 753202     (0.018%)
Stream Trackers: 18665
Stream flushes: 2318
Segments used: 3330
Stream4 Memory Faults: 0

===============================================================================

hope this can help...
/pedro





More information about the Snort-devel mailing list