|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Kirk Ismay (captain
netidea.com)Date: Wed Jun 20 2001 - 14:19:22 CDT
I had snort pick some odd traffic up today. It comes from a number of different
hosts all directed at one of our servers, every few minutes. I am pretty much
experimenting with snort at this point.
Has anyone seen this before, and is it legitimate?
[**] MISC Large ICMP Packet [**]
06/20-11:12:47.264473 0:80:C8:CA:4E:79 -> 0:80:8C:84:D7:74 type:0x800 len:0x59A
146.228.203.228 -> myserversip ICMP TTL:237 TOS:0x0 ID:48715 IpLen:20 DgmLen:1420 DF
Type:8 Code:0 ID:104 Seq:62867 ECHO
6D 61 69 6C 74 6F 3A 6F 70 73 40 64 69 67 69 73 mailto:opsdigis
6C 65 2E 63 6F 6D 20 66 6F 72 20 71 75 65 73 74 le.com for quest
69 6F 6E 73 20 20 20 20 54 68 69 73 20 49 43 4D ions This ICM
50 20 45 43 48 4F 20 52 45 51 55 45 53 54 2F 52 P ECHO REQUEST/R
45 50 4C 59 20 69 73 20 70 61 72 74 20 6F 66 20 EPLY is part of
74 68 65 20 72 65 61 6C 2D 74 69 6D 65 20 6E 65 the real-time ne
74 77 6F 72 6B 20 6D 6F 6E 69 74 6F 72 69 6E 67 twork monitoring
70 65 72 66 6F 72 6D 65 64 20 62 79 20 44 69 67 performed by Dig
69 74 61 6C 20 49 73 6C 61 6E 64 20 49 6E 63 2E ital Island Inc.
20 20 49 74 20 69 73 20 6E 6F 74 20 61 6E 20 61 It is not an a
74 74 61 63 6B 2E 20 20 49 66 20 79 6F 75 20 68 ttack. If you h
61 76 65 71 75 65 73 74 69 6F 6E 73 20 70 6C 65 avequestions ple
61 73 65 20 63 6F 6E 74 61 63 74 20 6F 70 73 40 ase contact ops
64 69 67 69 73 6C 65 2E 63 6F 6D 00 00 00 00 00 digisle.com.....
-- Sincerely, Kirk Ismay ________________________________________________________________________ The Net Idea Telecommunications Inc Support: tech
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]