argus and snort ?
Russell Fulton
r.fulton at auckland.ac.nz
Mon Sep 11 01:28:12 EDT 2000
Hi All,
I have just noticed that one of my argus recorders seems to be
missing packets, the irony is that the one loosing data is a 500MHz
machine and the other is 166MHz.
When I kill the argus suspect argus process it reports:
263828758 packets recv'd by filter
0 packets dropped by kernel
I have recently started running snort on the same machine (a FreeBSD
4.1 box) and I am wondering if there is some interaction that means
that argus is not getting some of the packets.
Any ideas?
Cheers, Russell.
More information about the argus
mailing list