[Snort-users] mem leak in snort-1.8-beta5 from 31-May CVS
Jason.Haar at ...294...
Thu May 31 23:49:05 EDT 2001
I'm running snort under Redhat 6.2 on two different boxes. One with config
based on that from www.snort.org, and another from Max's vision18.conf.
Basically I run out of memory on them...
I'm just about to kill for the second time in two days snort as it hits 70Mb
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
snort 2435 1.2 3.2 71924 12360 ? S 08:59 5:07
/usr/bin/snort.cvs -u snort -g snort -e -d -a -o -I -i eth1 -c
I have the following config option set:
output alert_syslog: LOG_AUTH LOG_ALERT
output database: log, mysql,
preprocessor stream: timeout 23, ports 21 23 25 80 110 143, maxbytes 16384
preprocessor http_decode: 80 2301
preprocessor portscan: $INTERNAL 5 5 portscan
My guess there's a leak in stream still?
Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417
More information about the Snort-users