Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:411 |
| Message | ICMP IPV6 I-Am-Here |
| Summary | This event is generated when a network host generates an ICMP IPV6 I-Am-Here datagram. |
| Impact | ICMP Type 34 datagrams are not expected network traffic. Hosts generating ICMP Type 34 datagrams should be investigated for hostile activity. |
| Detailed Information | ICMP Type 34 is an undocumented extension to RFC 1812 and RFC 792. Its current use it not defined by an approved RFC. |
| Affected Systems | |
| Attack Scenarios | None known |
| Ease of Attack | Numerous tools and scripts can generate this type of ICMP datagram. |
| Corrective Action | Hosts generating ICMP Type 34 datagrams should be investigated for hostile activity. |
| Additional References | None |
--
DID:817560
--
http://www.aanval.com/