ICMP_DDOS Stacheldraht server spoof

 

Code: p408

Severity: Warning

 

Description: This traffic is a Stacheldraht agent-to-handler communication that tests whether the network on which the agent runs allows outgoing packets with a spoofed source IP address.

Impact: This event indicates that a Stacheldraht agent is running on a host on the monitored network.

Corrective: Use egress filtering to block traffic leaving your network whose source address is not part of the internal address space. The agent then cannot send spoofed packets out, so it will be rejected for use in the DDoS.
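The egress rule described in the corrective, as an added example that is not part of the original signature text: it applies the source-address check to outbound packet records and reports which switch port emitted the dropped ICMP traffic, since a spoofed source address cannot identify the host. The prefixes, port names and packet records are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumption: internal address space of the monitored network (documentation prefixes).
INTERNAL = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/25")]

# Constructed outbound packet records: (switch port, source IP, destination IP, protocol).
SAMPLE = [
    ("ge-0/0/1", "192.0.2.17", "203.0.113.9", "tcp"),       # internal source
    ("ge-0/0/4", "203.0.113.77", "203.0.113.9", "icmp"),    # source outside internal space
    ("ge-0/0/4", "198.51.100.200", "203.0.113.9", "icmp"),  # outside the /25
    ("ge-0/0/2", "198.51.100.20", "203.0.113.9", "icmp"),   # internal source
    ("ge-0/0/3", "not-an-ip", "203.0.113.9", "udp"),        # malformed record
]

def is_internal(src):
    """True only if src parses as an IP address inside an internal prefix."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # fail closed: an unparseable source is never forwarded
    return any(addr.version == net.version and addr in net for net in INTERNAL)

def egress_filter(packets):
    """Split outbound packets into (forwarded, dropped) by the source-address rule."""
    forwarded, dropped = [], []
    for pkt in packets:
        (forwarded if is_internal(pkt[1]) else dropped).append(pkt)
    return forwarded, dropped

def suspect_ports(dropped, proto="icmp"):
    """Count dropped packets of one protocol per switch port (the port locates the host)."""
    return Counter(port for port, _src, _dst, p in dropped if p == proto)

if __name__ == "__main__":
    fwd, drop = egress_filter(SAMPLE)
    print("dropped:", drop)
    print("ports to inspect:", dict(suspect_ports(drop)))
```

Logging the dropped packets with their ingress port or MAC address gives responders a starting point for finding the host that runs the agent.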