[Snort-users] Captured data length < Ethernet header length
cronus at ...4793...
Thu Jan 31 03:05:08 EST 2002
Forgive me if this has been discussed already but I am
a new subscriber to the list.
I'm running Snort Version 1.8.1-RELEASE (Build 74) which
is probably an old version but I haven't had the chance to
update it. I regularly get the following message in my
snort: Captured data length < Ethernet header length! (0 bytes)
I was hoping someone could shed some light on what
it means. I'm not even sure how to write a snort rule to
determine which machine it in on the network thats
generating these packets. Or is it my copy of snort ?
Any help would be greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users