Snort mailing list archives
Re: Help Required can someone help me
From: Sonika Malhotra <sonikam () magnum barc ernet in>
Date: Fri, 15 Mar 2002 12:02:45 +0530
Hi, u can follow these links and with the corresponding sid no. get the information. http://online.securityfocus.com/bid http://cve.mitre.org/cve or the snort signature database available at www.snort.org. sm Ali wrote:
We have just installed snort. And since i am new to it there are some queries i would like someone from you to answer. What do the following alerts mean they just keep on coming to me. 1] ICMP Destination unreachable 2] ICMP echo reply 3] ICMP ping 4] Large ICMP packet 5] Time to live exceeded. 6] Info ICQ access 7] Infor MSN chat access 8] spp_portscan, end of portscan 9] spp_portscan, portscan status 10] spp_portscan, portscan detected 11] SHELLCODE x86 NOOP [Classification: Executable code was detected] 12] SHELLCODE x86 setgid 13] Web Cgi calender access 14] view source via translate header 15] web misc 403 forbidden I would be really thankfull if someone is able to guide me through these points. I would also appreciate if someone gives me his chat id or phone number to chat with and sort these points out. Thanx in advance Rgds
Current thread:
- Help Required can someone help me Ali (Mar 14)
- Re: Help Required can someone help me Sonika Malhotra (Mar 14)