[Snort-users] segmentation fault
joanne_treurniet at ...125...
Wed Oct 11 14:18:38 EDT 2000
I'm a new snort user. I installed from source yesterday on a RedHat 6.2
system running kernel 2.2.16-3.
I'm trying to run raw tcpdump data (collected hourly on Shadow) through
snort for content alerts. I've tried 4 different hours and I get an
"Aborted" message after 4 to 8 seconds. If I remove the traffic involving
the offending packet (the one after the last packet shown), I get a
segmentation fault after a seemingly random amount of time (~40min) instead.
For each hour, the offending packet has the common thread of a large ack #
and that they involve port 80.
The tcpdump data was collected using RedHat's tcpdump3.4 rpm which came with
the distribution. Are there known problems with this? I know that the
output format is different, but I didn't think the raw packets would differ.
If anyone can think of anything I could try, I'd appreciate the help.
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
More information about the Snort-users