argus exits when hit with stick
Carter Bullard
carter at qosient.com
Tue May 6 15:36:15 EDT 2003
Hey Jed,
Can you capture the packet stream using tcpdump, and
then we'll play it back through argus. If it dumps, then
I can probably fix it.
Carter
> -----Original Message-----
> From: owner-argus-info at lists.andrew.cmu.edu
> [mailto:owner-argus-info at lists.andrew.cmu.edu] On Behalf Of Jed Haile
> Sent: Tuesday, May 06, 2003 2:30 PM
> To: argus-info at lists.andrew.cmu.edu
> Subject: argus exits when hit with stick
>
>
> Hello All,
>
> I have been running argus 2.0.5 on a redhat 7.3 system. When I run
> stick (an intrusion detection testing tool) against the system argus
> writes a message to syslog: "ArgusUpdateFRAGState (0x87d8f38, 1) no
> extension buffer" and then exits. Stick generates many fragmented
> packets, and other nasty stuff from many random sources, and
> I suspect
> this is the problem.
>
> I ran it in a debugger, and it is definitely exiting via
> ArgusShutDown,
> and not segfaulting or otherwise failing.
>
> Anything I can do to help argus handle this situation?
>
> Thanks,
> Jed
>
>
>
>
More information about the argus
mailing list