[Snort-users] Alerts of the ICMP relationship with smtp connection?
This is a discussion on [Snort-users] Alerts of the ICMP relationship with smtp connection? within the Snort forums, part of the System Security and Security Related category; Hi, I am using Snort version Version 2.3.2 (Build 12). I have in my snort logs the alerts: ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-24-2005
|
|||
|
|||
[Snort-users] Alerts of the ICMP relationship with smtp connection?
Hi,
I am using Snort version Version 2.3.2 (Build 12). I have in my snort logs the alerts: 366 - ICMP Ping *nix 384 - ICMP Ping 368 - Ping BSDtype I investigated my others systems logs and in the time that this alert is recorded is the same that registered smtp connection in the maillog arquive from my postfix server. The source IP address in snort's log is equal the destination IP address in the maillog to smtp connection. This alerts can to be generated by my mail server when it sends mails? This alerts is a false positive? Thanks by help __________________________________ Discover Yahoo! Have fun online with music videos, cool games, IM and more. Check it out! http://discover.yahoo.com/online.html ------------------------------------------------------- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
