[Snort-users] Newbie: why so many ICMPs?

John Bertagnolli ijbert at ...3027...
Thu Jul 8 07:22:01 EDT 2004


Alex -

Thanks for the reply.

> ... Note that if you've enabled the firewall during the Fedora 
> installation, it will, IIRC, generate ICMP Admin Prohibited messages 
> for incoming connections that it rejects.

I do have the Fedora firewall enabled. The last rule says to reject 
(everything else not accepted) with icmp-host-prohibited.

Thanks for the tip.

John





More information about the Snort-users mailing list