> While I'm here, anyone know why the snort daemon would occasionally die
> under RedHat 7.0? I grabbed the latest rpm's for the app and am using the
> default ruleset. I even ran it as a job w/o the -D switch from a command
> line and monitored it for a couple days uneventfully. When I restart the
> service, it dies after a few (6? 12?) hours w/no errors in the logs. (that's
> another thing... even w/the -s option, I see no output in the system logs,
> only /var/log/snort/log.)

Do you have SPADE or tcp_stream on? Those are the most often cause of
instability ( you can always try the CVS version ). It's best though
to put snort under something like supervise to restart it instantly if
it dies.

I think Fyodor is working on snortdog which will (in the future?) do
this too

-- 
Chris Green <cmguab.edu>
Joe Cool always spends the first two weeks at college sailing his frisbee.
                -- Snoopy
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]