[Snort-sigs] ICMP Echo Request
bmc at ...95...
Mon Sep 10 17:13:01 EDT 2001
According to Jeffrey C. Ollie:
> I don't know why, but there doesn't seem to be rules for ICMP echo
> requests in snort's default rulesets. Anyway, here are the rules that
> I came up with:
Did you look through icmp-info.rules?
ICMP PING - sid 384
ICMP PING (undefined code) - sid 365
I've moved ICMP PING undefined code to the bottom of icmp-info.rules
where it should be, but it was there none the less.
More information about the Snort-sigs