[Snort-users] Snort Win32 Process Stalling
michaels at ...155...
Wed Jan 22 21:04:02 EST 2003
Why are you using Firedeamon, or the Srvany services? Short has them built
in in 1.9.x. Remove all the Srvany services, and you actually have a remove
option I think 'Srvany remove' or something like that.
Well, if you want to start over, then use my latest documentation, well
worth the time.
Michael Steele | System Engineer / Support Technician
mailto:michaels at ...155...
Silicon Defense: IDS solutions - http://www.silicondefense.com
Snort: Open Source Network IDS - http://www.snort.org
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Steven
Sent: Wednesday, January 22, 2003 8:11 PM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] Snort Win32 Process Stalling
I've been running Snort on W2K for over 12 months now following the
excellent doco Michael Steele provides via www.silicondefense.com
However, since I upgraded to Version 1.9.0beta6-ODBC-MySQL-WIN32 (Build 209)
I have had nothing but problems.
The problem I am experiencing is that the snort process hangs, so CPU time
increments and I don't get any packets forwarded to my MySQL / ACID server.
The only way to stop this is to stop the snort service and start it again.
This may last an hour or so before it stalls.
Actions taken so far include;
* Using both Srvany and FireDaemon to run snort as a service
* Removing WinPCap ensuring old versions have necessary files and .dlls
removed, as per instructions on the WinPCap web site.
* Installing various versions of WinPCap
Does anyone have any tips? My next step is to trash everything including the
OS and start again following Michaels guide word for word.
Thanks in advance
This email and any files transmitted with it are solely intended for the use
addressee(s) and may contain information that is confidential and
privileged. If you
receive this email in error, please advise us by return email immediately.
disregard the contents of the email, delete it and destroy any copies
Computershare Limited and its subsidiaries do not accept liability for the
expressed in the email or for the consequences of any computer viruses that
transmitted with this email
This email is also subject to copyright. No part of it should be
reproduced, adapted or
transmitted without the written consent of the copyright owner.
This SF.net email is sponsored by: Scholarships for Techies!
Can't afford IT training? All 2003 ictp students receive scholarships.
Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users