Open 15w34r0n3D4y opened 8 years ago
stamparm
commented
8 years ago Well, it waits for the first next SYN (TCP connection attempt) at the sensor after the port scanning. Basically, if you do any kind of connection attempt afterwards it will write the heuristics for the scanning attempt (if any).
stamparm
commented
8 years ago @15w34r0n3D4y please update to the latest revision. Now the "flushing" part (of port scanning heuristics) should occur much often (on any sniffed packet)
15w34r0n3D4y
commented
8 years ago Ok updated but problem still here, sensor shutdown and all I can see sensors restart again and stop on [?] progress: 53/54 (98%) and software which I ping closed too (it is strange).
Now I can't see when is sensor shutdown (no time) and where stop ping (which is latest IP pinged)...
stamparm
commented
8 years ago Most probably memory related. How much RAM do you have there?
15w34r0n3D4y
commented
8 years ago Probably because I have only 1gb.
MikhailKasimov
commented
2 years ago @15w34r0n3D4y Hello! After 7 years wanna ask a question: could you re-run the lastest version/revision of Maltrail and to check again. Or can current issue be closed? Thank you!
When I scan IPs range sensor shutdown and need scan again... Where is problem? Is there timeout for sensor or what?