|
Home > Archive > Snort > September 2004 > [Snort-users] How to fix the vulnerabilities
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
[Snort-users] How to fix the vulnerabilities
|
|
| Aguiar Magalhaes 2004-09-22, 10:25 pm |
| Hi list,
I´m using the snort-2.2.0...
I´ve received a lot of alerts and I´d like to know how
fix these vulnerabilities (Where can I get these
informations ??)
Please, help me
Exemples:
[1:466:4] ICMP L3retriever Ping [Classification:
Attempted Information Leak] [Priority: 2]: {ICMP}...
[1:480:5] ICM PING speedera [Classification: Misc
activity] [Priority: 3]: {ICMP}...
[1:1852:3] WEB-MISC robots.txt access ...
________________________________________
_______________
Yahoo! Messenger 6.0 - jogos, emoticons sonoros e muita diversão. Instale agora!
http://br.download.yahoo.com/messenger/
-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
________________________________________
_______
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists...nfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf....ist=snort-users
| |
| james edwards 2004-09-22, 10:25 pm |
| Google the terms L3retriever Ping, speedera, robots.txt
Hint: They are not vulnerabilities
----- Original Message -----=20
From: "Aguiar Magalhaes" <magalhj@yahoo.com.br>
To: <snort-users@lists.sourceforge.net>
Sent: Wednesday, September 22, 2004 11:28 AM
Subject: [Snort-users] How to fix the vulnerabilities
> Hi list,
>
> I=B4m using the snort-2.2.0...
>
> I=B4ve received a lot of alerts and I=B4d like to know how
> fix these vulnerabilities (Where can I get these
> informations ??)
>
> Please, help me
>
> Exemples:
>
> [1:466:4] ICMP L3retriever Ping [Classification:
> Attempted Information Leak] [Priority: 2]: {ICMP}...
>
> [1:480:5] ICM PING speedera [Classification: Misc
> activity] [Priority: 3]: {ICMP}...
>
> [1:1852:3] WEB-MISC robots.txt access ...
>
>
>
>
>
> ________________________________________
_______________
> Yahoo! Messenger 6.0 - jogos, emoticons sonoros e muita divers=E3o. Ins=
tale
agora!
> http://br.download.yahoo.com/messenger/
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
> Project Admins to receive an Apple iPod Mini FREE for your judgement on
> who ports your project to Linux PPC the best. Sponsored by IBM.
> Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
> ________________________________________
_______
> Snort-users mailing list
> Snort-users@lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists...nfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf....t=3Dsnort-users
-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
________________________________________
_______
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists...nfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf....ist=snort-users
| |
| James Riden 2004-09-22, 10:25 pm |
| Aguiar Magalhaes <magalhj@yahoo.com.br> writes:
> Hi list,
>
> I=B4m using the snort-2.2.0...=20
>
> I=B4ve received a lot of alerts and I=B4d like to know how
> fix these vulnerabilities (Where can I get these
> informations ??)
>
> Please, help me
>
> Exemples:=20
>
> [1:466:4] ICMP L3retriever Ping [Classification:
> Attempted Information Leak] [Priority: 2]: {ICMP}...=20
>
> [1:480:5] ICM PING speedera [Classification: Misc
> activity] [Priority: 3]: {ICMP}...
Not a vulnerability, just for information's sake. Please don't turn
off all ICMP, that breaks more things than it fixes.
> [1:1852:3] WEB-MISC robots.txt access ...
Someone fetched /robots.txt which is a file which says which
(well-behaved) web crawlers are allowed to access web sites. Google
amongst others will do this - in which case you should see "googlebot"
as the user-agent for the /robots.txt in your httpd logs.
If you want to know more, check out the references in the signatures.
cheers,
Jamie
--=20
James Riden / j.riden@massey.ac.nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/
-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
________________________________________
_______
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists...nfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf....ist=snort-users
|
|
|
|
|