ICMP traffic in Snort+BASE
I'm trying to test snort+base in a linux box. I don't seem to get ICMP alerts. I tried ping but base does not display it as ICMP traffic. Can anyone suggest me an attack to create Alerts with ICMP traffic?
|
Try hping2 for packet crafting.
The standard 'hping -V -C 8 <target>' should generate the ICMP PING NMAP alert. Also make sure that the system you're scanning from isn't part of $HOME_NET |
Thanx for your reply.
Actually I manage to create some ICMP host unreachable alerts, but I also downloaded and compiled hping2. And did what you said. hping is a really nice tool with many capabilities. Thanx again |
All times are GMT -5. The time now is 07:31 AM. |