Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:397 |
Message | ICMP Destination Unreachable Host Precedence Violation |
Summary | This event is generated when An ICMP Host Precedence Violation is sent by the first hop router to a host to indicate that a requested precedence is not permitted for the particular combination of source and destination host, network destination, upper layer protocol, or source/destination port. |
Impact | Routers will generate this message when the requested precedent is not permitted to transverse the network. This could be an indication of an improperly configured routing device or a improperly configured host on the network. |
Detailed Information | This rule generates informational events about the network. Large numbers of these messages on the network could indication routing problems, faulty routing devices, or improperly configured hosts. |
Affected Systems | |
Attack Scenarios | None Known |
Ease of Attack | Numerous tools and scripts can generate these types of ICMP datagrams. |
Corrective Action | This rule detects informational network information, no corrective action is necessary. |
Additional References | None |
--
DID:386375
--
http://www.aanval.com/