Honeypots: Re: Sebek 3.2.0c linux 2.4.18

Re: Sebek 3.2.0c linux 2.4.18

From: Gufo <gaudente_at_gmail.com>
Date: Thu, 9 Nov 2006 18:46:35 +0100

On 13/10/06 09:54, Gufo wrote:
> Hi all,
> I'm facing some problems installing sebek 3.2.0c on an old slackware 8.1
> with kernel 2.4.18.
>
> The first glitch is when sbk_install.sh tries to recognise if the
> variable MAGIC_VAL has a value different from 0.
> To make it stop complaining I simply deleted this check ;)
>
> Sebek compiles correctly, loads and gets hidden by cleaner.o but doesn't
> log anything (neither keystrokes nor remote ssh connections)... at least I
> can't see traffic using a sniffer on a cross-connected machine.
>
> I don't know if it's a configuration problem or an incompatibility with
> linux 2.4.18.
>
> The parameters I use to load sebek are:
>
> DESTINATION_IP="external.ip"
> DESTINATION_MAC="the.right.mac.add"
> SOURCE_PORT=1234
> DESTINATION_PORT=1234
> MAGIC_VAL=3716732390
> KEYSTROKE_ONLY=1
> SOCKET_TRACKING=1
> TESTING=0
> MODULE_NAME="aname.o"
> WRITE_TRACKING=0

Hi, it's me again :-)
Same machine, same operating system, same sebek version, different problems.
I'm trying with various kernels and with different filters. Every time
sebek has to log something, that's to say every time the filter matches
a rule, the kernel dumps and the system locks.

Even a simple filter like this:

                action=full user=myuser

doesn't work... when I try to ssh on my machine, using:
ssh myuser_at_myaddress and supply the right password, the kernel dumps
complaining about:
kernel BUG at skbuf.c line 109

This is the message for linux 2.4.21

If it's needed I can send a photo of the monitor with the complete dump.

Kernel version affected:
2.4.18 ---> as in slackware 8.1 last patched version
2.4.21 ---> as in slackware 9.0 last patched version
2.4.26 ---> as in slackware 9.1 last patched version

Thanks,
Gufo
Received on Nov 09 2006
