[root@xxx xxxx]# ps -ef | grep snort snort 10283 ٧٧1٧2 17:17 ? ٧٧00:00:00 /usr/sbin/snort -u snort -g snorroot ٧٧10292 10252٧0 17:17 pts/2 00:00:00 [xxxx@xxx xxxx]$ ping -c1 -s1 xxx.xxxxxx.com PING xxx.xxxxxxx.com (111.111.111.111) from 111.111.111.111: 1(29) bytes of data. 9 bytes from xxx.xxxxxxxx.com (192.168.1.103): icmp_seq=0 ttl=255 --- xxx.xxxxxxxxx.com ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss [root@xxx xxxxxxxx]# ps -ef | grep snort root ٧٧10328 10252٧0 17:18 pts/2 00:00:00 grep snort -KF Sinbad wrote: > Run snort: > # snort -dev host 192.168.0.3 and 192.168.0.1 > > Ping 192.168.0.1 from 192.168.0.3 within one data in payload: > # ping -c 1 -s 1 192.168.0.1 > > Snort's output showed below: > -*> Snort! <*- > Version 1.8.3 (Build 88) > By Martin Roesch (roesch@sourcefire.com, www.snort.org) > 01/10-11:34:43.898282 0:80:AD:78:83:BB -> 0:E0:18:C4:52:76 type:0x800 len:0x2B > 192.168.0.3 -> 192.168.0.1 ICMP TTL:64 TOS:0x0 ID:0 IpLen:20 DgmLen:29 DF > Type:8 Code:0 ID:9435 Seq:0 ECHO > Segmentation fault (core dumped) > > hmm... core dumped! > > while with the '-X' option works well. :) > > Have you ever seen this happened? > > > Regards, > Sinbad > > >
