[Oisf-users] Suricata 5.0.0 randomly stops running
Leonard Jacobs
ljacobs at netsecuris.com
Thu Nov 21 05:57:28 UTC 2019
Is there any estimate when this issue will have a patch or fix or new revision?
Thanks.
Leonard
From: Leonard Jacobs <leonard.jacobs at view.com>
To: Michał Purzyński <michalpurzynski1 at gmail.com>
Cc: "oisf-users at lists.openinfosecfoundation.org" <oisf-users at lists.openinfosecfoundation.org>
Sent: 11/19/2019 7:47 AM
Subject: Re: [Oisf-users] Suricata 5.0.0 randomly stops running
Seems like it make sense to disable SMB detection until this issue is fixed.
From: Michał Purzyński <michalpurzynski1 at gmail.com>
Sent: Monday, November 18, 2019 6:14 PM
To: Leonard Jacobs <leonard.jacobs at view.com>
Cc: oisf-users at lists.openinfosecfoundation.org
Subject: Re: [Oisf-users] Suricata 5.0.0 randomly stops running
Does "stops running" mean it crashes? If so, can you get the core file?
Might not be related, but do you have SMB traffic in your network? I just stumbled upon this bug (it might be something else for you of course) https://redmine.openinfosecfoundation.org/issues/3342?issue_count=191&issue_position=1&next_issue_id=3341
On Mon, Nov 18, 2019 at 5:48 AM Leonard Jacobs <leonard.jacobs at view.com> wrote:
Ever since we went to Suricata 5.0.0, our installation randomly stops and we have to restart Suricata. At first, we thought the script that starts Suricata was failing but we manually start it at a command line and experience the same issue.
Running Suricata on Ubuntu 18.04 with 350 GB SSD, Xeon processor, and 8 GB of RAM. Suricata is configured to just listen to network traffic on one gig ethernet port.
How can I find out what is causing this problem?
Thanks.
Leonard
This message and any attachments may contain confidential information of View, Inc. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and delete the message from your computer.
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Conference: https://suricon.net
Trainings: https://suricata-ids.org/training/
This message and any attachments may contain confidential information of View, Inc. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and delete the message from your computer.
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Conference: https://suricon.net
Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20191121/13dfc220/attachment-0001.html>
More information about the Oisf-users
mailing list