[Snort-users] Snort 1.8.6 crashes after Ping of Death
radamson at ...2127...
Thu Jul 11 07:03:08 EDT 2002
Yes, I've been having what appears to be the same problem on a Win2kPro
machine (stable v1.8.7 barebones). Best guess thus far is it has something
to do with opening/closing a local log file. This could be a different
problem as my Win2k system totally locks up on the "second" alert,
regardless of what the alert happens to be. A clean installation of
snort, etc, has not helped. A currently running test that excludes the
command line switches "-l e:\snort\log -A full" seems to confirm the
I've tried downloading the current v1.8.7 source from www.snort.org,
however Visual Studio complains about several missing files. A search
of the drive indicates they are truly missing including: avl_tree.c,
spp_minfrag.c, spp_tcp_stream.c, spp_stream3.c, and unistd.h.
Could some folks from the development side help out please?
> My Snort (version 1.8.6) (under Linux Mandrake 8.2) crashes after one
> or two attacks with the DoS-Attack "Ping of Death", produced with the
> "IDS Informer" from BLADE Software. This Software is an IDS testing
> tool. Does anybody else have this problem?
> <date> <time> <hostname> kernel: device eth0 left promiscuous mode
> <date> <time> <hostname> kernel: Oversized IP packet from <attacker>
More information about the Snort-users