ICMP Destination Unreachable in SNORT

["Grimes, Shawn (NIA/IRP)" <GrimesSh () grc nia nih gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm getting ICMP Destination Unreachable alerts in SNORT from a dial
up user.  It seems the original destination IP is to x.x.255.255
(x.x. being the first two octets of our range).  The router is
filtering these packets (hence why I get the ICMP destination
unreachable).  My question is, is this a misconfigured box? If so,
what is misconfigured?  Is this a compromised box?

Any ideas? Do you need additional information?

Thank You,
Shawn Grimes
Computer Specialist
NCTS - Gerontology Research Center
410-558-8007
grimessh () grc nia nih gov 


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPRCgrFKuo2WZJKgKEQKhYQCgrrNFQtRI2UOHQTKpS8rRy53n86UAn12X
CiqxqYxDqHSuG9BSqNk/84en
=SYVB
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com