This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Could you tell me what trigger snort

Is - in a common easy way [:)]

And could you in that same reply tell me if something about this?

2014:05:14-23:29:45 luna-1 ulogd[5334]: id="2104" severity="info" sys="SecureNet" sub="ips" name="ICMP flood detected" action="ICMP flood" fwrule="60014" initf="eth4" srcmac="0:50:56:b9:3b:7f" dstmac="0:1a:8c:f0:25:84" srcip="172.24.2.153" dstip="172.24.0.36" proto="1" length="44" tos="0x00" prec="0x00" ttl="255" type="8" code="0"

Could this be an issue of slow network?

Regards

This thread was automatically locked due to age.

Parents

0 teched_01 over 11 years ago

snort is not what throttles ICMP and generates those log lines (iptables instead).

The path through the network: cables/switches/routers from host to host.

I am not understanding the problem you are trying to solve - can you restate the specific problem(s) and how it compares to your expectations?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 teched_01 over 11 years ago

snort is not what throttles ICMP and generates those log lines (iptables instead).

The path through the network: cables/switches/routers from host to host.

I am not understanding the problem you are trying to solve - can you restate the specific problem(s) and how it compares to your expectations?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data