Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:428 |
| Message | ICMP Parameter Problem undefined Code |
| Summary | This event is generated when a host generates and ICMP Parameter Problem datagram with an undefined ICMP Code. |
| Impact | ICMP datagrams should never contain undefined ICMP Codes. This is normally an indication of nefarious activity occurring on the network. |
| Detailed Information | A router generates a Parameter Problem message for any error not specifically covered by another ICMP message. This could be an indication of routing problems on the network, or malfunctioning routing hardware. |
| Affected Systems | |
| Attack Scenarios | None known |
| Ease of Attack | Numerous tools and scripts can generate this type of ICMP datagram. |
| Corrective Action | ICMP Type 12 datagrams with undefined ICMP Codes are not normal network activity. Hosts generating these types of datagrams should be investigated for configuration errors or nefarious activity. |
| Additional References | None |
--
DID:810068
--
http://www.aanval.com/