[Gloucs] My Snort dies when nmapped?

[Guy Edwards]

Hi,

Like it says on the title, my Snort seems to die (without any message)
when nmapped.

I installed Debian 3.0 on a Dec Alpha and upgraded with Debian testing 
to Snort 2.0.1, libpcap-0.7, kernel 2.4.22

My complete Snort command is:

/usr/bin/snort -m 027 -D -S HOME_NET=[any] -c /etc/snort/snort.conf --->
---> -l /var/log/snort -d -u snort -g snort -i any -o

ps ax | grep -i snort shows it running fine

I then run nmap v3.00 against the interface from another machine. 
nmap -O ipaddress 

/var/log/snort/alerts and portscan log files register the attack and
then doing another ps ax, the snort process has died.

The only thing I could think of was to upgrade to the latest snort 2.0.2
but I wanted to check I hadn't missed something daft. I know there's a
few snort addicts on the list, I was wondering if anyone might know?

I didn't see anything on the snort FAQ that I thought applied.

Thanks
Guy

-- 
Guy Edwards <guy_j_edwards at HotPOP.com>