[Snort-users] Partial system crash while snort exiting

Richard Lang carlisian at ...11853...
Mon May 24 08:10:11 EDT 2004


Hi all

I hope somedoby can help me with following problem:

After today's midnight system probably refuses to read/write from
HDD. I was able to use just running services. It wasn't possible
to start anything new including ssh sesion or shutdown command.

I've found these lines at the end of "/var/log/mesages". No newer
records were found in any other logs.

May 23 23:58:12 ipcop kernel: INPUT IN=eth2 OUT=
MAC=00:50:fc:37:24:ea:00:07:50:a0:8f:82:08:00 SRC=213.220.209.39
DST=213.220.221.133 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=63207 DF
PROTO=TCP SPT=4987 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0 May
24 00:00:06 ipcop kernel: INPUT IN=eth2 OUT=
MAC=00:50:fc:37:24:ea:00:05:5e:6b:43:c2:08:00 SRC=212.220.221.133
DST=213.220.221.133 LEN=563 TOS=0x00 PREC=0x00 TTL=115 ID=7138
PROTO=UDP SPT=666 DPT=1026 LEN=543 May 24 00:01:04 ipcop snort:
Snort exiting
May 24 00:01:05 ipcop snort: Initializing daemon mode
May 24 00:01:05 ipcop snort: PID path stat checked out ok, PID
path set to /var/run/ May 24 00:01:05 ipcop snort: Writing PID
"31823" to file "/var/run//snort_eth2.pid" May 24 00:01:05 ipcop
snort: [*] Frag2 config:
May 24 00:01:05 ipcop snort:     Fragment timeout: 60 seconds
May 24 00:01:05 ipcop snort:     Fragment memory cap: 2097152
bytes May 24 00:01:05 ipcop snort:     Fragment min_ttl:   0

I am runnig IPCOP 1.3 (fix 9) headless (without keyboard or
grafical card)

-*> Snort! <*-
Version 2.0.0 (Build 72)

kernel:
Linux version 2.4.24 (root at ...5964...) (gcc version
2.96 20000731 (Red Hat Linux 7.3 2.96-113)) #1 do feb 19 17:13:53
CET 2004

 thank you very much in advance.
 
 best regards,

Richard




More information about the Snort-users mailing list