GEN:SID | 1:415 |
Message | ICMP Information Reply |
Summary | This event is generated when a network host generates an ICMP Information Reply datagram.
|
Impact | ICMP Information Reply datagrams contain the network number of the network segment the datagram was generated on. This could be an indication of an improperly configured host attempting to locate the network number of the subnet it is located in.
|
Detailed Information | This message is generated in response to an ICMP Information Request Message. Hosts that generated ICMP Information Request Messages are attempting to obtain the network number of subnet it is on.
|
Affected Systems | |
Attack Scenarios | None known
|
Ease of Attack | Numerous tools and scripts can generate this type of ICMP datagram.
|
Corrective Action | ICMP Type 16 datagrams are not normal network activity. Hosts generating ICMP Information Request messages or Information Reply Messages should be checked for configuration errors.
|
Additional References | None
|