Last Updated on August 13, 2021 by Admin 2
Which filter to locate unusual ICMP request an Analyst can use in order to detect a ICMP probes from the attacker to a target OS looking for the response to perform ICMP based fingerprinting?
- (icmp.type==9 && ((!(icmp.code==9))
- (icmp.type==8 && ((!(icmp.code==8))
- (icmp.type==12) | | (icmp.type==15| |(icmp.type==17)
- (icmp.type==14) | | (icmp.type==15| |(icmp.type==17)