[Snort-users] ICMP DB Issues

Joshua Berry jberry at ...11848...
Tue Jul 20 11:05:03 EDT 2004

I have had an issue for some time where I will get alerts such as "DDOS
- TFN client command LE" which revolves around the ICMP ID, ICMP
Sequence, and Type.  However, the ICMP ID and Sequence is NEVER entered
into the database, just the Type and Code.  Has anyone else noticed

Josh Berry, CISSP & MCSE 
Information Security
If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked. 
     -- (Former) White House Cybersecurity adviser Richard Clarke 

More information about the Snort-users mailing list