[Snort-users] small ?

tomb at ...10629... tomb at ...10629...
Mon Nov 24 10:33:01 EST 2003


when i run Snort -D and i tail -f my log file  i get a bunch of
alert like this
[**] [1:483:2] ICMP PING CyberKit 2.2 Windows [**]
[Classification: Misc activity] [Priority: 3]
11/18-09:58:36.586829 my.ip -> y.y.y.y
ICMP TTL:127 TOS:0x0 ID:4826 IpLen:20 DgmLen:92
Type:8  Code:0  ID:512   Seq:60000  ECHO
[Xref => http://www.whitehats.com/info/IDS154]

so my question is why?\

THK
Tom





More information about the Snort-users mailing list