[Oisf-users] suricata 2.0.1 segfault on nmap scan
Rogier Mars
rogier at fortytwo.nl
Fri Jun 13 21:54:27 UTC 2014
Hi,
I've been testing with suricata on a VM environment to test if I can use it in a production environment. While testing the IPS features I can repeatedly crash suricata with a core dump by running the following command:
nmap -Pn -sS -A -f 192.168.100.35
Below the error message and the build-info. If you need more info please let me know and I will provide it.
Kind regards,
Rogier
Jun 13 23:41:37 ids kernel: Detect6[10431]: segfault at e ip 00000000004c6c97 sp 00007f29c75fd3e0 error 4 in suricata[400000+1d3000]
[root at ids rules]# suricata --build-info
This is Suricata version 2.0.1 RELEASE
Features: NFQ PCAP_SET_BUFF LIBPCAP_VERSION_MAJOR=1 AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK HAVE_NSS HAVE_LIBJANSSON PROFILING
SIMD support: SSE_3
Atomic intrisics: 1 2 4 8 16 byte(s)
64-bits, Little-endian architecture
GCC version 4.4.7 20120313 (Red Hat 4.4.7-4), C version 199901
L1 cache line size (CLS)=64
compiled with LibHTP v0.5.11, linked against LibHTP v0.5.11
Suricata Configuration:
AF_PACKET support: yes
PF_RING support: no
NFQueue support: yes
IPFW support: no
DAG enabled: no
Napatech enabled: no
Unix socket enabled: yes
Detection enabled: yes
libnss support: yes
libnspr support: yes
libjansson support: yes
Prelude support: no
PCRE jit: no
libluajit: no
libgeoip: yes
Non-bundled htp: no
Old barnyard2 support: no
CUDA enabled: no
Suricatasc install: yes
Unit tests enabled: no
Debug output enabled: no
Debug validation enabled: no
Profiling enabled: yes
Profiling locks enabled: no
Coccinelle / spatch: no
Generic build parameters:
Installation prefix (--prefix): /usr
Configuration directory (--sysconfdir): /etc/suricata/
Log directory (--localstatedir) : /var/log/suricata/
Host: x86_64-unknown-linux-gnu
GCC binary: gcc
GCC Protect enabled: no
GCC march native enabled: yes
GCC Profile enabled: no
[root at ids rules]#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140613/c0168b24/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140613/c0168b24/attachment.pgp>
More information about the Oisf-users
mailing list