[Snort-devel] [ snort-Bugs-555683 ] Two packets intermixed

noreply at ...12... noreply at ...12...
Wed May 15 08:53:03 EDT 2002


Bugs item #555683, was opened at 2002-05-13 17:16
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=103357&aid=555683&group_id=3357

Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: Two packets intermixed

Initial Comment:

Snort 1.8.6 running on Solaris 2.7.  This is using a 
Sun gig interface (ge).  Logging to mysql.  Snort is 
monitoring multiple networks using Cisco span session.

I have an alert that is a combination of two separate 
packets.  It is very clear to see that the packet is 
corrupted and that the first half of the data is from 
a server on completely separate network than the data 
for the second half of the packet.

I can be reached if you need more information than 
that.




----------------------------------------------------------------------

You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=103357&aid=555683&group_id=3357




More information about the Snort-devel mailing list