[Snort-users] Snort 1.8.6 crashes after Ping of Death

Chris Green cmg at ...1935...
Thu Jul 11 06:42:06 EDT 2002

theeaglesociety at ...2792... (Night-Stalker) writes:

> My Snort (version 1.8.6) (under Linux Mandrake 8.2) crashes after
> one or two attacks with the DoS-Attack "Ping of Death", produced
> with the "IDS Informer" from BLADE Software. This Software is an IDS
> testing tool. Does anybody else have this problem?  

Please try against 1.8.7.  I've gotten complaints of this on 1.8.6
before and have been unable to reproduce.

If you can get it to work on 1.8.7, please run a parallel

tcpdump -i eth0 -s 1514 -w largeicmp.cap and mail it to me.
Chris Green <cmg at ...1935...>
To err is human, to moo bovine.

More information about the Snort-users mailing list