-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm getting ICMP Destination Unreachable alerts in SNORT from a dial up user. It seems the original destination IP is to x.x.255.255 (x.x. being the first two octets of our range). The router is filtering these packets (hence why I get the ICMP destination unreachable). My question is, is this a misconfigured box? If so, what is misconfigured? Is this a compromised box? Any ideas? Do you need additional information? Thank You, Shawn Grimes Computer Specialist NCTS - Gerontology Research Center 410-558-8007 grimesshat_private -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPRCgrFKuo2WZJKgKEQKhYQCgrrNFQtRI2UOHQTKpS8rRy53n86UAn12X CiqxqYxDqHSuG9BSqNk/84en =SYVB -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jun 19 2002 - 09:02:02 PDT