GEN:SID 1:466
Message ICMP L3retriever Ping
Summary This event is generated when an ICMP echo request is made from a host running the L3 "Retriever 1.5" security scanner.
Impact Information gathering.  An ICMP echo request can determine if a host is active.
Detailed Information An ICMP echo request is used by the ping command to elicit an ICMP echo reply from a listening live host.  An echo request that originates from a host running the L3 "Retriever 1.5" security scanner contains a unique payload in the message request.
Affected Systems All
Attack Scenarios An attacker may attempt to determine live hosts in a network prior to launching an attack.
Ease of Attack Simple
Corrective Action Block inbound ICMP echo requests.
Additional References http://www.whitehats.com/info/IDS311
Rule References arachnids: 311