[Oisf-users] Odd Suricata and Barnyard2 problem
Peter Bates
peter.bates at ucl.ac.uk
Wed Nov 23 15:38:39 UTC 2011
Hello again all

On 23/11/2011 14:35, Peter Bates wrote:
> Has anyone seen this behaviour before and can suggest a fix?

Apologies for replying to my own post.

Cross-checking on the same box - Snort 2.9.1.2 does not exhibit this
behaviour.

Does Suricata possibly write an inconsistent unified2 log under load?

I'm struggling to see why the two applications both produce unified2
files - but barnyard2 generates one tcpdump file for Snort and a
constantly growing number from Suricata.

--
Peter Bates
Senior Computer Security Officer Phone: +44(0)2076792049
Information Services Division Internal Ext: 32049
University College London
London WC1E 6BT