[Ver 3.02] --- コンピュータセキュリティインシデント報告様式 --- JPCERT コーディネーションセンター (JPCERT/CC) この報告様式は、コンピュータセキュリティインシデント情報を JPCERT/CC へお送り頂く際にご利用頂くためのものです。 報告様式一式に関しては、http://www.jpcert.or.jp/form/ をご覧下さい。 初めて利用される方は「インシデント報告のガイドライン」(GUIDELINE.txt) をお読み下さい。 報告内容の暗号化、またアーカイブの署名検証に必要な JPCERT/CC の PGP 公開鍵は以下の URL にございます。 http://www.jpcert.or.jp/jpcert.asc ---------------------------------------------------------------------- 1. 連絡先 ---------------------------------------------------------------------- 1-1 お名前、組織名称、部署名をご記入下さい。 名前: 高出 寧太 組織名称: JPCERT コーディネーションセンター 部署名: システム管理本部第一ネットワーク課 1-2 連絡先の指定のある方はご記入下さい。指定がなければ、お送り頂いた 電子メールアドレス、もしくは FAX の発信元に返信致します。 電子メール: FAX: ---------------------------------------------------------------------- 2. この報告の目的 (記入が無い場合は情報提供として扱います) ---------------------------------------------------------------------- 2-1 JPCERT/CC の対応について、以下の [1] 以外をご希望の場合は、 項目 「2-2」 に具体的な内容をご記入下さい。 1: 情報提供 2: 質問 3: 関係サイトへの連絡を希望 原因の特定、拡大および再発の防止等の目的で、アクセスに関係した 各サイトの管理者に通知連絡を行なう際に、今回お送り頂いた情報を そのまま連絡先に対して開示する場合があります。 もし開示にご同意いただける場合には以下の [ ] 内に○をご記入く ださい。ご記入のない場合は、同意がないものとして関係サイトへの 連絡を控えさせていただくことがあることをあらかじめご了承くださ い。 今回の報告に関してログ内容等の情報の開示に同意します [○] 4: その他 選択番号 [3] 2-2 上記にて 2, 3, 4 を選択された方は具体的なご要望をご記入下さい。 受領を確認したのち、こちらから折り返し連絡致します。 どのように連絡してよいか分からないので、そちらからアクセス元のサイトへ 連絡をして欲しい。 ---------------------------------------------------------------------- 3. 発生したインシデントの概要 ---------------------------------------------------------------------- 3-1 アクセス元に関する情報をご記入下さい。 IP アドレス、ホスト名など: 10.123.123.123 3-2 インシデントの内容、発見方法、対処などについてご記入下さい。 短時間に大量の ICMP パケットが送信されてきた結果、ネットワーク帯域が大 量に消費され、ネットワークが極端に重くなった。現在は落ち着いているが再 発を防ぎたい。 3-3 インシデントの発生したシステムについてご記入下さい。 IP アドレス 又は ホスト名: 172.16.0.1 プロトコル 又は ポート: ICMP 関連ソフトウェア: iptables ハードウェア/OS: PC/AT 互換機 / Debian GNU/Linux 3.0 発生日時: 2003/05/01 15:49 タイムゾーン(時間帯): UTC+0900 ____________________________________________________________ このメールに 1秒間のログを添付します。iptables のもの。 ____________________________________________________________ __________ Copyright (C) 2003-2004, by JPCERT/CC. All rights reserved. ---------------------------------------------------------------------- 皆様のご協力に感謝致します。JPCERT/CC の識別番号は、当組織にて報告を 受領した際に、改めてお知らせ致します。 ---------------------------------------------------------------------- ---- 以下添付されたログ情報 ---- May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23456 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=61 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23457 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=62 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23458 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=63 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23460 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=64 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23461 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=65 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23462 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=66 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23463 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=67 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23464 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=68 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23465 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=69 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23466 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=70 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23467 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=71 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23468 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=72 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23469 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=73 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23470 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=74 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23471 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=75 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23472 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=76 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23473 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=77 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23474 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=78 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23475 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=79 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23476 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=80 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23477 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=81 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23478 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=82 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23479 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=83 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23480 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=84 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23481 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=85 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23483 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=86 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23484 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=87 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23485 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=88 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23486 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=89 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23487 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=90 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23488 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=91 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23489 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=92 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23490 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=93 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23491 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=94 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23492 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=95 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23493 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=96 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23494 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=97 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23495 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=98 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23496 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=99 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23497 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=100 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23498 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=101 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23499 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=102 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23500 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=103 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23501 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=104 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23502 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=105 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23504 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=106 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23505 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=107 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23506 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=108 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23507 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=109 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23508 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=110 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23509 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=111 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23510 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=112 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23511 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=113 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23512 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=114 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23513 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=115 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23514 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=116 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23515 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=117 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23516 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=118 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23517 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=119 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23518 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=120 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23519 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=121 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23520 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=122 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23521 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=123 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23522 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=124 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23523 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=125 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23524 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=126 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23525 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=127 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23527 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=128 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23528 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=129 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23529 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=130 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23530 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=131 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23531 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=132 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23532 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=133 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23534 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=134 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23535 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=135 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23536 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=136 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23537 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=137 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23538 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=138 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23539 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=139 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23540 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=140 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23541 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=141 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23542 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=142 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23543 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=143 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23544 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=144 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23545 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=145 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23546 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=146 May 01 15:49:29 host00 kernel: INPUT ICMP Packet:IN=eth0 OUT= MAC=ZZ:b0:d0:8f:7c:5a:99:06:5b:7a:3f:14:PP:QQ SRC=10.123.123.123 DST=172.16.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=230 ID=23547 PROTO=ICMP TYPE=8 CODE=0 ID=12506 SEQ=147