[Snort-users] 1.8b5 build22 crash
H D Moore
hdm at ...1714...
Sat May 12 07:57:26 EDT 2001
--== Initializing Snort ==--
Checking PID path...
PATH_VARRUN is set to /var/run/ on this operating system
Initializing Network Interface eth0
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file /home/snort/rules/snort.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
Using LOCAL time
database: compiled support for ( mysql )
database: configured to use mysql
database: user = snort
database: database name = snort
database: host = localhost
database: password is set
database: sensor name = w.x.y.z
database: sensor id = 2
database: schema version = 100
database: using the "log" facility
533 Snort rules read...
533 Option Chains linked into 199 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++
Rule application order: ->activation->dynamic->alert->pass->log
--== Initialization Complete ==--
-*> Snort! <*-
Version 1.8-beta5 (Build 22)
By Martin Roesch (roesch at ...66..., www.snort.org)
Program received signal SIGSEGV, Segmentation fault.
0x805d936 in AlertSyslog (p=0x0,
msg=0xbfffecb4 "spp_portscan: PORTSCAN DETECTED from w.x.y.z (THRESHOLD 5 connections exceeded in 1 seconds)", arg=0x813ffc0)
at spo_alert_syslog.c:345
345 ds_ptr = (PriorityData *) otn_tmp->ds_list[PLUGIN_PRIORITY_NUMBER];
(gdb) bt
#0 0x805d936 in AlertSyslog (p=0x0,
msg=0xbfffecb4 "spp_portscan: PORTSCAN DETECTED from w.x.y.z (THRESHOLD 5 connections exceeded in 1 seconds)", arg=0x813ffc0)
at spo_alert_syslog.c:345
#1 0x8055e0d in CallAlertPlugins (p=0x0,
message=0xbfffecb4 "spp_portscan: PORTSCAN DETECTED from w.x.y.z (THRESHOLD 5 connections exceeded in 1 seconds)") at rules.c:3445
#2 0x8055daa in CallAlertFuncs (p=0x0,
message=0xbfffecb4 "spp_portscan: PORTSCAN DETECTED from w.x.y.z (THRESHOLD 5 connections exceeded in 1 seconds)", head=0x0) at rules.c:3419
#3 0x805b506 in PortscanPreprocFunction (p=0xbfffedc0) at spp_portscan.c:953
#4 0x8055ca6 in Preprocess (p=0xbfffedc0) at rules.c:3358
#5 0x804ac91 in ProcessPacket (user=0x0, pkthdr=0xbffff268, pkt=0x812848a "")
at snort.c:501
#6 0x8077dcc in pcap_read ()
#7 0x80783ec in pcap_loop ()
#8 0x804c16f in InterfaceThread (arg=0x0) at snort.c:1377
#9 0x804ab74 in main (argc=7, argv=0xbffff3f4) at snort.c:434
More information about the Snort-users
mailing list