Snort mailing list archives
Re: Newbie "what does this mean" question
From: Alberto Gonzalez <ag-snort () cerebro violating us>
Date: Fri, 18 Oct 2002 15:10:00 -0700
first, IMHO you should upgrade your snort distribution. (eg 1.9.0 http://www.snort.org/dl/snort-1.9.0.tar.gz) actually its pretty sel explanatory what this is, ICMP _destination unreachable_. Alot of things could cause this.
I usally get these messages from my ISP's router. Ian Hunter wrote:
I'm running snort-1.8.4-3 on SuSE 8.0, and I'm getting TONS of messages that
look like:
Oct 18 14:38:19 lucy snort: [1:485:2] ICMP Destination Unreachable
(Communication Administratively Prohibited) [Classification: Misc activity]
[Priority: 3]: {ICMP} 130.59.33.17 -> 192.168.1.20
The FAQ says ignore it unless there are lots, and if there are lots, figure
out where they're coming from. ???
What causes this?
Thanks!
-- The secret to success is to start from scratch and keep on scratching. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort-1.9.0-win32.exe Tom Morgan (Oct 18)
- Re: Snort-1.9.0-win32.exe Roman Danyliw (Oct 18)
- Newbie "what does this mean" question Ian Hunter (Oct 18)
- Re: Newbie "what does this mean" question Alberto Gonzalez (Oct 18)
- Re: Newbie "what does this mean" question Ian Hunter (Oct 18)
- Newbie "what does this mean" question Ian Hunter (Oct 18)
- Re: Snort-1.9.0-win32.exe Roman Danyliw (Oct 18)
- <Possible follow-ups>
- RE: Snort-1.9.0-win32.exe Tom Morgan (Oct 18)
- RE: Snort-1.9.0-win32.exe Tom Morgan (Oct 21)
- RE: Snort-1.9.0-win32.exe Slighter, Tim (Oct 21)