[Snort-sigs] Signature Definition #460, 5 of 20 and Signature Definition # 458
bmc at ...95...
Tue Jun 10 11:16:05 EDT 2003
On Tue, Jun 10, 2003 at 08:27:03AM -0700, Steven Alexander wrote:
> There are tools that will craft any sort of packet that you want
> (sendip). I just haven't seen any tool that uses unassigned icmp types
> to exploit or test for any sort of vulnerability. I haven't seen a tool
> that sends such a packet without the user having to specifically choose
> the options. If you have a tool that uses these options to exploit or
> test for a vulnerability I would love to know what you're using.
while I havn't seen it in an exploit, I have seen odd icmp types &
codes used in conjunction with backdoors, network stack profiling, and
More information about the Snort-sigs