Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to fix the vulnerabilities

From: James Riden <j.riden () massey ac nz>
Date: Thu, 23 Sep 2004 11:06:44 +1200
Aguiar Magalhaes <magalhj () yahoo com br> writes:


Hi list,

I´m using the snort-2.2.0... 

I´ve received a lot of alerts and I´d like to know how
fix these vulnerabilities (Where can I get these
informations ??)

Please, help me

Exemples: 

[1:466:4] ICMP L3retriever Ping [Classification:
Attempted Information Leak] [Priority: 2]: {ICMP}... 

[1:480:5] ICM PING speedera [Classification: Misc
activity] [Priority: 3]: {ICMP}...


Not a vulnerability, just for information's sake. Please don't turn
off all ICMP, that breaks more things than it fixes.


[1:1852:3] WEB-MISC robots.txt access ...


Someone fetched /robots.txt which is a file which says which
(well-behaved) web crawlers are allowed to access web sites. Google
amongst others will do this - in which case you should see "googlebot"
as the user-agent for the /robots.txt in your httpd logs.

If you want to know more, check out the references in the signatures.

cheers,
 Jamie
-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/




-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: