[Snort-users] Partial system crash while snort exiting
carlisian at ...11853...
Mon May 24 08:10:11 EDT 2004
I hope somedoby can help me with following problem:
After today's midnight system probably refuses to read/write from
HDD. I was able to use just running services. It wasn't possible
to start anything new including ssh sesion or shutdown command.
I've found these lines at the end of "/var/log/mesages". No newer
records were found in any other logs.
May 23 23:58:12 ipcop kernel: INPUT IN=eth2 OUT=
DST=220.127.116.11 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=63207 DF
PROTO=TCP SPT=4987 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0 May
24 00:00:06 ipcop kernel: INPUT IN=eth2 OUT=
DST=18.104.22.168 LEN=563 TOS=0x00 PREC=0x00 TTL=115 ID=7138
PROTO=UDP SPT=666 DPT=1026 LEN=543 May 24 00:01:04 ipcop snort:
May 24 00:01:05 ipcop snort: Initializing daemon mode
May 24 00:01:05 ipcop snort: PID path stat checked out ok, PID
path set to /var/run/ May 24 00:01:05 ipcop snort: Writing PID
"31823" to file "/var/run//snort_eth2.pid" May 24 00:01:05 ipcop
snort: [*] Frag2 config:
May 24 00:01:05 ipcop snort: Fragment timeout: 60 seconds
May 24 00:01:05 ipcop snort: Fragment memory cap: 2097152
bytes May 24 00:01:05 ipcop snort: Fragment min_ttl: 0
I am runnig IPCOP 1.3 (fix 9) headless (without keyboard or
-*> Snort! <*-
Version 2.0.0 (Build 72)
Linux version 2.4.24 (root at ...5964...) (gcc version
2.96 20000731 (Red Hat Linux 7.3 2.96-113)) #1 do feb 19 17:13:53
thank you very much in advance.
More information about the Snort-users