Snort mailing list archives

snort 2.0.1

From: "Luo, Philip" <Philip_Luo () adp com>
Date: Wed, 6 Aug 2003 15:03:08 -0400

I am getting a lot of this when I snort -c /etc/snort/snort.conf

returning! TCP (2) IP (0) UDP (0)

when I kill it

============================================================================
===
Snort analyzed 10480 out of 12012 packets, dropping 1532(12.754%) packets

Breakdown by protocol:                Action Stats:
    TCP: 8174       (68.049%)         ALERTS: 93
    UDP: 72         (0.599%)          LOGGED: 184
   ICMP: 3          (0.025%)          PASSED: 0
    ARP: 5          (0.042%)
  EAPOL: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 15         (0.125%)
DISCARD: 1          (0.008%)
============================================================================
===
Wireless Stats:
Breakdown by type:
    Management Packets: 0          (0.000%)
    Control Packets:    0          (0.000%)
    Data Packets:       0          (0.000%)
============================================================================
===
Fragmentation Stats:
Fragmented IP Packets: 4          (0.033%)
    Fragment Trackers: 2
   Rebuilt IP Packets: 0
   Frag elements used: 0
Discarded(incomplete): 0
   Discarded(timeout): 0
  Frag2 memory faults: 0
============================================================================
===
TCP Stream Reassembly Stats:
        TCP Packets Used: 6786       (56.494%)
         Stream Trackers: 94
          Stream flushes: 30
           Segments used: 40
   Stream4 Memory Faults: 0
============================================================================
===
database: Closing connection to database "snort"
Snort exiting

Philip

Current thread:

snort 2.0.1 Luo, Philip (Aug 06)
- Re: snort 2.0.1 Matt Kettler (Aug 06)
- <Possible follow-ups>
- RE: snort 2.0.1 Luo, Philip (Aug 06)
  - RE: snort 2.0.1 Matt Kettler (Aug 07)