Tuesday, February 15, 2005

Was a 2 GB limit on snort v1.9.1 logs a real problem with that version of snort, or is it a limit imposed because of something else on the system? It's not related to the kernel, since it's a 2.4.x kernel, which had big file size enabled by default. So it has to be something else. I've been searching on google/groups.google but haven't come up with anything concrete yet. More searching to commence later.

In either case, I should update to the latest version of snort, and I would have done that a long time ago, if only snort 1.9.1 had not been highly modified by the last sysadmin. Now I have to slowly make the same modifications to snort v2.3.0 before I can start using it, with an upgraded version of Linux. Further, the system is generating humongous log files, 2 gigs or so each hour. I have to rotate them every 55 minutes. More detailed analysis later... I first have to finish my other unfinished tutorials! :)
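An added example, not from the blog post, for the 2 GB question above and the hourly rotation it forces. A 2.4 kernel does handle large files, but a userland program only gets them if it was compiled with a 64-bit off_t (-D_FILE_OFFSET_BITS=64) or opens its log with O_LARGEFILE; otherwise the kernel refuses to grow the file past 2^31 - 1 bytes and the write fails with EFBIG. The probe below places one byte at exactly that boundary in a sparse file (so it costs no real disk): a large-file-aware build succeeds, a 32-bit build without LFS gets EFBIG. The path is a constructed example; whether snort 1.9.1 was built this way is the question the post leaves open, and the same check can be made on the running daemon by looking for O_LARGEFILE in `strace -e trace=open` output.

```c
/* Added example (not the blog's or snort's code): probe whether this
 * binary can grow a file past the classic 2 GiB (2^31 - 1 byte) limit.
 * Build twice on a 32-bit box to compare:
 *   cc -m32 lfs_probe.c -o probe32            (expect EFBIG)
 *   cc -m32 -D_FILE_OFFSET_BITS=64 lfs_probe.c (expect success)
 * On a 64-bit host off_t is already 64 bits and the probe succeeds. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

/* Last byte offset a non-LFS open(2) may write to is 2^31 - 2;
 * writing at 2^31 - 1 would make the file 2^31 bytes long, which the
 * kernel rejects with EFBIG when O_LARGEFILE was not given. */
#define NON_LFS_LIMIT 2147483647LL

/* 1 if this build has a 64-bit off_t (large-file support compiled in). */
int lfs_enabled(void) {
    return sizeof(off_t) == 8;
}

/* Try to put one byte at the 2 GiB boundary of a sparse file.
 * Returns 0 on success or the errno that stopped it (EFBIG is the
 * signature of a non-LFS build). The file is removed afterwards. */
int write_at_2gib_boundary(const char *path) {
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return errno;

    int rc = 0;
    /* Offset 2^31 - 1 fits a 32-bit off_t, so the only thing that can
     * fail here is the kernel's non-LFS size check on the open file. */
    if (pwrite(fd, "x", 1, (off_t)NON_LFS_LIMIT) != 1)
        rc = errno;

    close(fd);
    unlink(path);  /* sparse probe file, nothing worth keeping */
    return rc;
}

int main(void) {
    const char *path = "/tmp/lfs_probe.tmp";  /* constructed example path */
    printf("off_t is %zu bytes (LFS %s)\n", sizeof(off_t),
           lfs_enabled() ? "on" : "off");
    int rc = write_at_2gib_boundary(path);
    if (rc == 0)
        printf("write at 2 GiB boundary succeeded: no 2 GB limit in this build\n");
    else
        printf("write at 2 GiB boundary failed: %s\n", strerror(rc));
    return rc == 0 ? 0 : 1;
}
```

If the probe fails with EFBIG but the same file written by an LFS-aware build succeeds, the 2 GB ceiling is in the program's build, not the kernel or the filesystem, and rebuilding with `-D_FILE_OFFSET_BITS=64` (or the newer snort release built that way) removes it; size-triggered rotation then becomes a matter of disk budget rather than a hard stop.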

I've been too busy enjoying World of Warcraft on the G4 at the moment.

