[Emerging-Sigs] [jmm] Is attacking port 0 (zero) really a thing?

James Moe jimoe at sohnen-moe.com
Fri Oct 18 16:27:13 HDT 2019


suricata v5.0.0
opensuse 15.0

Found a lot of there entries in the fast.log for the last two days.

10/18/2019-13:06:01.032939  [Drop] [**] [1:2200076:2] SURICATA ICMPv4 invalid
checksum [**] [Classification: Generic Protocol Command Decode] [Priority: 3]
{ICMP} 60.191.38.77:771 -> 192.168.69.246:0

Is attacking port 0 really a thing?

-- 
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20191018/cb6e1e7e/attachment.sig>


More information about the Emerging-sigs mailing list