[Snort-users] Continuous packet streaming on boot of CentOS 6.3 64 bit

Mayur Patil ram.nath241089 at ...11827...
Tue Jun 11 04:26:40 EDT 2013


The snort message is as follows:

Initializing output plugins !!

pcap DAQ is configured to passive.

Acquiring network traffic from "eth0"

Decoding ethernet

    --==Initialization Complete==--

SNort
.
.
.
. //messages of version number
.
.
.

Commencing packet processing (pid=1668)

and stopped there !!

I have unplugged n/w cable and got above output.

Does "shell in" means getting grub console then yes !!

I can get grub console.

Looking forward for guidance,
*
--
Cheers,
Mayur*

On Tue, Jun 11, 2013 at 1:45 PM, Russ Combs <rcombs at ...1935...> wrote:

>
>
> On Tue, Jun 11, 2013 at 4:12 AM, Mayur Patil <ram.nath241089 at ...11827...>wrote:
>
>> Thanks Russ sir for reply.
>>
>> My problem is I am unable to log into command line mode  i.e. Ctrl+Alt+F2
>>
>> and also GUI mode of CentOS. And after that I have to add this path.
>>
>> Would you please guide me how to do that it will be a great help !!
>>
>> Can you shell in?  If that doesn't work, try unplugging your network
> cable(s).
>
>
>> Thank you !!
>> --
>> *Cheers,
>> Mayur*.
>>
>> On Tue, Jun 11, 2013 at 1:33 PM, Russ Combs <rcombs at ...1935...>wrote:
>>
>>> On Tue, Jun 11, 2013 at 3:41 AM, Mayur Patil <ram.nath241089 at ...11827...>wrote:
>>>
>>>> Hello,
>>>>
>>>>  I am seeing something like this
>>>>
>>>>  *06/11 11:0246  10.1.46.123:136 -> 10.1.46.255:137*
>>>>  * UDP:TTL :128 TOS:8 ID:20 IpLen:20 DgmLen:78 Len:50
>>>>
>>>> * in continuous streaming of packets.
>>>> *
>>>> *
>>>> * *Now I am sure that this is the Snort startup script problem.....!!
>>>>
>>>>  At the starting I have seen message  *starting snort in packet dump
>>>> mode*
>>>>
>>>>  Please help how to disable this mode or disable snort script from
>>>> loading at boot time??
>>>>
>>>
>>> *Running in packet dump mode is because you don't have a "-c
>>> path/snort.conf" option on your command line. *
>>>
>>>>
>>>> On Tue, Jun 11, 2013 at 11:00 AM, Mayur Patil <ram.nath241089 at ...11827...
>>>> > wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>>    I have stuck on one issue. I am unable to see either GUI or CLI for
>>>>> CentOS 6.3.
>>>>>
>>>>>    Description as follows:
>>>>>
>>>>>    I was just checking my snort script on centos machine yesterday. So
>>>>> I left machine as it is.
>>>>>
>>>>>    When I come today, screen location has changed on desktop so I
>>>>> adjusted and reboot.
>>>>>
>>>>>    When I reboot it takes much time to boot, so I press any key on
>>>>> keyboard it shows
>>>>>
>>>>>    fast continuous streaming, no idea of what, seems like to be many
>>>>> packets
>>>>>
>>>>>    Somewhat
>>>>>
>>>>>    UDP---TLS-----255.255.255.0 ------------------->
>>>>>
>>>>>     like this. When I try to load the Ctrl+Alt+f2 nothing happens.
>>>>>
>>>>>     I am also unable to login through Putty but I am able to ping the
>>>>> machine.
>>>>>
>>>>>     How to stop this packet steaming??
>>>>>
>>>>>     Need help please!!
>>>>>
>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130611/066dcaaf/attachment.html>


More information about the Snort-users mailing list