Actions
Bug #159
closedFP on suricata v0.9.0 and today git with icmp not size zero
Affected Versions:
Effort:
Difficulty:
Label:
Description
Hi,
First, thx you all for your good work!
I have a FP with joigned pcap:
09/03/08-08:15:15.425081 [**] [1:469:3] ICMP PING NMAP [**] [Classification: Attempted Information Leak] [Priority: 3] {1} 172.26.16.45:8 -> 172.26.9.163:0
I resend old signature id 469:
alert icmp any any -> any any (msg:"ICMP PING NMAP"; dsize:0; itype:8; classtype:attempted-recon; sid:469; rev:3;)
Anyone confirm this FP please? (alert with suricata v0.9.0 and suricata git today)
Regards
Rmkml
Files
Updated by Victor Julien over 14 years ago
- Due date set to 05/21/2010
- Assignee set to OISF Dev
- Target version set to 0.9.1
- Estimated time set to 2.50 h
Updated by rmkml rmkml over 14 years ago
Hi,
Since git on date 17 may, pb is resolved.
git today {20 may} (b629b7c5c1e2ad6c91b97b6708ad9ddc6a674502) is resolved again.
pb resolved.
Regards
Rmkml
Updated by Victor Julien over 14 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
- Estimated time changed from 2.50 h to 0.00 h
Original reporter reports that the issue is fixed, closing.
Actions