[Snort-users] spp_stream4: TTL Evasion attempt
This is a discussion on [Snort-users] spp_stream4: TTL Evasion attempt within the Snort forums, part of the System Security and Security Related category; HI Folks, I have started to see lots of "spp_stream4: TTL Evasion attempt" alerts on one of my ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-08-2004
|
|||
|
|||
[Snort-users] spp_stream4: TTL Evasion attempt
HI Folks,
I have started to see lots of "spp_stream4: TTL Evasion attempt" alerts on one of my sensors on our internal network. All the destination addresses are on our dial-in pool. So I am now trying to figure out what changed. I don't think that this is malicious traffic but I would like to figure out what is triggering the alerts. As a starter, just what type of event is the stream4 processor reporting? -- Russell Fulton, Information Security Officer, The University of Auckland New Zealand ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 01:21 PM.
