[Zeek] tcmalloc large alloc
Rogers, Zach
Zach.Rogers at oregonstate.edu
Wed Mar 27 10:58:10 PDT 2019
Thanks Seth, much appreciated!
--
Zach Rogers
Lead Security Analyst
Security and Network Monitoring
Oregon Research & Teaching Security Operations Center (ORTSOC)
Phone: 541.737.7723
GPG Fingerprint: ECC5 03A6 7E91 17C6 50C6 8FAC D6A0 8001 2869 BD52
On Wed, Mar 27, 2019 at 10:57 AM -0700, "Seth Hall" <seth at corelight.com<mailto:seth at corelight.com>> wrote:
On 27 Mar 2019, at 11:54, Zander Work wrote:
> The first two showing ??:0 makes sense b/c those are memory addresses.
> It looks like the PE analyzer might be the culprit but I'm not sure.
Yep, I knew the first two would look like that. It's ASLR being applied
to glibc function (which is fine and not what I was interested in
anyway). It did end up showing what I expected it to. I'll look around
a little bit and see if anything makes sense.
Thanks!
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190327/cb413a47/attachment.html
More information about the Zeek
mailing list