![[Silicon Defense logo]](../SDlogo.gif)
|
SnortSnarf signature pageICMP Large ICMP PacketSnortSnarf v021111.1 |
| Signature section (91123) | Top 20 source IPs | Top 20 dest IPs |
62 alerts with this signature using input module SnortFileInput, with sources:
Earliest such alert at 22:20:50.351506 on 04/17/2003
Latest such alert at 14:42:59.987788 on 06/10/2003
| ICMP Large ICMP Packet | 5 sources | 3 destinations |
| Priority: 2 | Classification: Potentially Bad Traffic | |
| [sid:499] [arachNIDS:246] | ||
| Source | # Alerts (sig) | # Alerts (total) | # Dsts (sig) | # Dsts (total) |
| 66.185.146.249 | 31 | 31 | 3 | 3 |
| 66.185.147.5 | 17 | 17 | 2 | 2 |
| 24.29.1.179 | 8 | 8 | 1 | 1 |
| 24.29.1.133 | 3 | 3 | 1 | 1 |
| 24.29.1.81 | 3 | 3 | 1 | 1 |
| Destinations | # Alerts (sig) | # Alerts (total) | # Srcs (sig) | # Srcs (total) |
| 192.168.1.103 | 52 | 58 | 5 | 8 |
| 192.168.1.4 | 8 | 69 | 2 | 11 |
| 192.168.1.105 | 2 | 29 | 1 | 9 |