![[Silicon Defense logo]](../SDlogo.gif)
|
SnortSnarf signature pageICMP L3retriever PingSnortSnarf v021111.1 |
| Signature section (91123) | Top 20 source IPs | Top 20 dest IPs |
168 alerts with this signature using input module SnortFileInput, with sources:
Earliest such alert at 14:58:29.801086 on 04/26/2003
Latest such alert at 16:30:49.102336 on 05/21/2003
| ICMP L3retriever Ping | 5 sources | 2 destinations |
| Priority: 2 | Classification: Attempted Information Leak | |
| [sid:466] [arachNIDS:311] | ||
| Source | # Alerts (sig) | # Alerts (total) | # Dsts (sig) | # Dsts (total) |
| 192.168.1.4 | 100 | 4196 | 1 | 5 |
| 192.168.1.3 | 49 | 49 | 1 | 1 |
| 192.168.1.102 | 9 | 21 | 2 | 3 |
| 192.168.1.101 | 6 | 6 | 1 | 1 |
| 192.168.1.100 | 4 | 4 | 1 | 1 |
| Destinations | # Alerts (sig) | # Alerts (total) | # Srcs (sig) | # Srcs (total) |
| 192.168.1.2 | 167 | 175 | 5 | 8 |
| 192.168.1.3 | 1 | 57 | 1 | 2 |