ok, I put a new box together with enough memory for snort (the BTX issue which was stupid to ask, so sorry), and here is a sample of my logs. I am not sure what all of this means, but it doesn't look good.
snort2c[864]: SIGTERM received - exiting Feb 5 13:57:32 snort2c[864]: SIGTERM received - exiting Feb 5 13:57:32 snort[851]: Daemon parent exiting Feb 5 13:57:32 snort[851]: Daemon parent exiting Feb 5 13:57:30 snort[851]: Child exited unexpectedly Feb 5 13:57:30 snort[851]: Child exited unexpectedly Feb 5 13:57:29 snort[866]: FATAL ERROR: Failed to Lock PID File "/var/run//snort_fxp0.pid" for PID "866" Feb 5 13:57:29 snort[866]: FATAL ERROR: Failed to Lock PID File "/var/run//snort_fxp0.pid" for PID "866" Feb 5 13:57:29 snort[866]: PID path stat checked out ok, PID path set to /var/run/ Feb 5 13:57:29 snort[866]: PID path stat checked out ok, PID path set to /var/run/ Feb 5 13:57:29 snort[866]: Var 'fxp0_ADDRESS' redefined Feb 5 13:57:29 snort[866]: Var 'fxp0_ADDRESS' redefined Feb 5 13:57:29 snort[851]: Initializing daemon mode Feb 5 13:57:29 snort[851]: Initializing daemon mode Feb 5 13:57:29 snort[851]: , value = 192.168.1.0/255.255.255.0 Feb 5 13:57:29 snort[851]: , value = 192.168.1.0/255.255.255.0 Feb 5 13:57:29 snort[851]: Var 'fxp0_ADDRESS' defined, value len = 25 chars Feb 5 13:57:29 snort[851]: Var 'fxp0_ADDRESS' defined, value len = 25 chars Feb 5 13:57:29 snort[851]: Warning: flowbits key 'ms_sql_seen_dns' is checked but not ever set. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'ms_sql_seen_dns' is checked but not ever set. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'fkwp_conn_suc_cts' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'fkwp_conn_suc_cts' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'backdoor.charon.download.log.1' is checked but not ever set. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'backdoor.charon.download.log.1' is checked but not ever set. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'optixlite_fai_conn_cts' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'optixlite_fai_conn_cts' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'dce.bind.netware_cs' is checked but not ever set. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'dce.bind.netware_cs' is checked but not ever set. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'odf.file' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'odf.file' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'dce.bind.veritas' is set but not ever checked. Feb 5 13:57:29 snort[851]: Warning: flowbits key 'dce.bind.veritas' is set but not ever checked. >>> [EMAIL PROTECTED] 2/5/2007 11:23 AM >>> On 2/5/07, Bill Roth <[EMAIL PROTECTED]> wrote: > is 512 enough? or should I move to a system that has 1 gig? I would follow what the release caveats page states. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
