[Snort-devel] Segmentation fault

Thoplaop T.M.Hesketh-roberts at ...1826...
Mon Mar 3 06:03:01 EST 2003


System Architecture (Sparc, x86, etc)
 x86 - AMD 500MHz
Operating System and version (Linux 2.0.22, IRIX 5.3, etc)
 Linux Kernel 2.4.19
 (It's Mandrake 9.0, which means it has GCC 3.2)
Version of Snort
 Snort Version 1.8.3
What preprocessors you loaded
 Just as in your own snort.conf file downloaded from
 your website (see next answer for URL).  I did not
 edit the snort.conf at all, the preprocessor statements
 were thus as follows:
  preprocessor frag2
  preprocessor stream4: detect_scans, disable_evasion_alerts
  preprocessor stream4_reassemble
  preprocessor http_decode: 80 unicode iis_alt_unicode double_encode
iis_flip_slash full_whitespace
  preprocessor rpc_decode: 111 32771
  preprocessor bo: -nobrute
  preprocessor telnet_decode
  preprocessor conversation: allowed_ip_protocols all, timeout 60,
max_conversations 32000
  preprocessor portscan2: scanners_max 3200, targets_max 5000,
target_limit 5, port_limit 20, timeout 60
What rules (if any) you were using
 As downloaded from your own website at
 http://www.snort.org/dl/signatures/snortrules.tar.gz
 and simply referred to the snort.conf file included
 in snortrules.tar.gz in order to use rules.  The
 snort.conf file was simply referred to on command-line
 as shown below.
What output plug-ins you loaded
 None unless any loaded in snort.conf
What command line switches you were using
 snort -devr /home/thop/mit_training_week1/monday/tcpdump -h
192.168.1.0/24 -l /home/thop/snort/mitlog1_asc/
 (NB: "mit_training_week1/" dir. is extracted directly from
  http://www.ll.mit.edu/IST/ideval/data/1998/training/week1/monday.tar)
Any Snort error messages
 Output copied and pasted as follows:

Initializing Output Plugins!
Log directory = /home/thop/snort/mitlog1_asc/
TCPDUMP file reading mode.
Reading network traffic from
"/home/thop/mit_training_week1/monday/tcpdump" file.
snaplen = 66000

        --== Initializing Snort ==--

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.9.0 (Build 209)
By Martin Roesch (roesch at ...402..., www.snort.org)
Segmentation fault
[root at ...1825... snort]#

Any more information
 Please reply and I should get back to you quickly
-- 
Spare time?  Make good use of it...
http://thop.co.uk/go - just click to donate free to good causes
(sponsered by adverts)

Michael Eisner, MD for Disney = $9,783/hour
   Haitian worker for Disney  = 28 cents/hour





More information about the Snort-devel mailing list