[Silicon Defense logo]

SnortSnarf alert page

Source: 192.168.1.4: #1-100

SnortSnarf v021111.1

Signature section (91123)Top 20 source IPsTop 20 dest IPs

Looking using input module SnortFileInput, with sources:
Earliest: 16:47:36.754413 on 04/22/2003
Latest: 20:37:04.836216 on 05/14/2003

7 different signatures are present for 192.168.1.4 as a source

There are 5 distinct destination IPs in the alerts of the type on this page.

192.168.1.4 Whois lookup at: ARIN RIPE APNIC Geektools
DNS lookup at: Amenesi TRIUMF Princeton
More lookup links: Dshield Sam Spade
See also 192.168.1.4 as an alert destination [69 alerts]

Go to: next range, all alerts, overview page
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:36.754413 192.168.1.4:1903 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:32950 IpLen:20 DgmLen:265
Len: 237
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:37.322816 192.168.1.4:1903 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:32952 IpLen:20 DgmLen:267
Len: 239
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:37.885473 192.168.1.4:1903 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:32954 IpLen:20 DgmLen:265
Len: 237
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1411:3] SNMP public access udp [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:38.471311 192.168.1.4:1907 -> 192.168.1.1:161
UDP TTL:128 TOS:0x0 ID:32959 IpLen:20 DgmLen:66
Len: 38
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0517]
[**] [1:1411:3] SNMP public access udp [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:38.472871 192.168.1.4:1907 -> 192.168.1.1:161
UDP TTL:128 TOS:0x0 ID:32960 IpLen:20 DgmLen:70
Len: 42
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0517]
[**] [1:1411:3] SNMP public access udp [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:38.501302 192.168.1.4:1907 -> 192.168.1.1:161
UDP TTL:128 TOS:0x0 ID:32963 IpLen:20 DgmLen:66
Len: 38
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0517]
[**] [1:1411:3] SNMP public access udp [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/22-16:47:38.502758 192.168.1.4:1907 -> 192.168.1.1:161
UDP TTL:128 TOS:0x0 ID:32964 IpLen:20 DgmLen:70
Len: 42
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0517]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/26-16:51:49.826251 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:10721 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:7936 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/26-16:51:52.214938 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:10723 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:8192 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/26-16:52:28.921008 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:10740 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:8448 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/26-16:52:31.216474 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:10741 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:8704 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/26-16:52:40.469073 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:10748 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:8960 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
04/26-16:52:42.717017 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:10749 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:9216 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/08-16:58:19.674391 192.168.1.4:4682 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:57747 IpLen:20 DgmLen:84
Len: 56
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/08-17:02:11.602148 192.168.1.4:4691 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:57810 IpLen:20 DgmLen:84
Len: 56
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/08-17:03:53.083609 192.168.1.4:4694 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:61074 IpLen:20 DgmLen:84
Len: 56
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/08-17:10:08.254004 192.168.1.4:1078 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:484 IpLen:20 DgmLen:84
Len: 56
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:1415:2] SNMP Broadcast request [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/08-17:13:54.013625 192.168.1.4:1104 -> 255.255.255.255:161
UDP TTL:128 TOS:0x0 ID:947 IpLen:20 DgmLen:84
Len: 56
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0013][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0012]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-19:47:16.901950 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:57470 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:19977 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-19:47:18.997680 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:57474 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:20233 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-19:47:55.719567 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:57532 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:20489 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-19:47:57.999155 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:57535 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:20745 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-19:48:07.250586 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:57590 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:21001 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-19:48:09.499563 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:57594 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:21257 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:01:16.550077 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:58886 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:22025 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:01:19.006153 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:58892 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:22281 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:01:27.805252 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:58914 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:22537 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:01:30.006732 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:58917 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:22793 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:01:55.729635 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:58998 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:23049 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:01:58.007729 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:59001 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:23305 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:02:07.240110 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:59017 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:23561 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-20:02:09.488138 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:59021 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:23817 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:20:46.040191 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1572 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:29705 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:20:48.048157 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1576 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:29961 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:20:57.284524 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1595 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:30217 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:20:59.548596 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1599 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:30473 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:21:24.739067 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1643 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:30729 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:21:27.049533 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1682 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:30985 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:21:36.301208 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1698 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:31241 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:21:38.549959 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:1702 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:31497 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:30:57.868963 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:2613 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:32265 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:31:00.058968 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:2616 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:32521 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:31:36.718283 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:2673 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:32777 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:31:39.060335 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:2676 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:33033 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:31:48.311981 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:2692 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:33289 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:31:50.560168 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:2696 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:33545 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:41:41.822743 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20906 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:35081 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:41:44.080149 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20909 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:35337 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:42:20.714216 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20967 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:35593 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:42:23.071451 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20970 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:35849 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:42:32.323797 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:21020 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:36105 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/11-21:42:34.572026 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:21024 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:36361 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-00:35:02.688335 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:27574 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:45321 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-00:35:05.180581 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:27575 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:45577 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-00:35:41.840668 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:27595 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:45833 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-00:35:44.181999 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:27596 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:46089 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-00:35:53.434533 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:27603 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:46345 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-00:35:55.682413 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:27604 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:46601 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:06:32.274031 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:47215 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:42763 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:06:34.637300 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:47222 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:43019 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:06:43.889964 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:47254 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:43275 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:06:46.138021 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:47261 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:43531 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:28.037203 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:373 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:8204 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:30.160312 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:380 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:8716 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:39.412750 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:487 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:10764 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:41.660448 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:502 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:11276 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:48.664259 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:583 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:12812 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:51.160970 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:610 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:13324 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:32:59.929185 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:707 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:15116 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:33:02.161506 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:729 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:15884 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:33:10.710238 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:817 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:17676 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:33:13.161786 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:860 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:18188 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:33:15.663657 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:919 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:18956 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/12-08:33:18.161941 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:983 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:19468 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:04:36.533527 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29944 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:33295 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:04:38.630126 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29945 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:33551 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:05:15.290366 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29963 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:33807 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:05:17.630834 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29966 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:34063 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:05:24.634640 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29972 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:34319 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:05:27.131207 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29975 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:34575 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:05:29.633284 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29977 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:34831 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:05:32.131481 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:29985 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:35087 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:01.847442 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20749 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:39695 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:04.161362 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20750 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:39951 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:40.805373 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20770 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:40207 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:43.162771 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20771 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:40463 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:50.166608 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20776 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:40719 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:52.663043 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20779 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:40975 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:55.165206 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20781 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:41231 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:54:57.663260 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20782 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:41487 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:55:58.293715 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20789 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:41743 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:56:00.665568 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20790 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:41999 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:56:03.167669 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20792 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:42255 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-17:56:05.665709 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:20793 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:42511 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-20:36:48.143345 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:23694 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:53519 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-20:36:50.335637 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:23695 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:53775 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-20:36:57.339454 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:23700 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:54031 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-20:36:59.836102 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:23703 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:54287 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-20:37:02.338044 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:23705 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:54543 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/14-20:37:04.836216 192.168.1.4 -> 192.168.1.2
ICMP TTL:32 TOS:0x0 ID:23706 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:54799 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
Go to: next range, all alerts, overview page
SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:55 2003