Re: Snort 1.6 and nmap 2.54beta1

[galileo () MAILANDNEWS COM (Galileo)]

> What parameters had you given snort?

-vl /temp/snort or just -l /temp/snort

> What ruleset are you using? (could be triggered by preprocessor)

no rulset.If used with ruleset snort works fine.

snort -vc snort-lib ( or 06082k.rules ) -l /temp/snort   and everything is
okay.
I'm sorry abouth this it loks like I alarmed a lot of people without a
reason since very few people use snort withouth a ruleset.
When I found this I was playing with snort for the first time.
It looks like  when a ruleset is applied all errors disapear.
for example -vdC after a couple of minutes gives a "garbled" screen and you
have to logout to restore the screen or
-vd gives this kind of error : "Got NULL ptr in PrintNetData" but still
continues to work.
But when a ruleset is applied no errors apear.

> What is your network topology?

I don't realy have a network :) .One machine with a vmware virtual machine
on top of it and virtual network betwen them.