[Snort-users] Alert with no data
Al Lewis (allewi)
allewi at ...589...
Wed Feb 18 14:41:36 EST 2015
Can you provide a conf file and the command you are using to start snort?
Also some sample traffic that is triggering the events if possible.
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi at ...589...
From: Beto C [mailto:beto.cuevas.v at ...11827...]
Sent: Wednesday, February 18, 2015 2:33 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Alert with no data
I have noticed that my implementation of snort has generated alerts with no data and ever show how source and destination IP 0.0.0.0.
I have no idea what may be happening. This only happens, for the moment, with alert POLICY-ICMP Truncated ICMPv6 denial of service attempt (27611). The server logs, do not show anything that might help. Hope you can help.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users