Next: , Previous: Events handled by net_weird, Up: weird Analysis Script


7.27.8 Events generated by the standard scripts

The following events are generated by the standard scripts themselves:

`bad_pm_port'
See pm_bad_port. Handled by conn_weird_addl, where the extra parameter is the text "port <bad-port>".

Land_attack A TCP connection attempt was seen with identical initiator and responder addresses and ports. This event likely reflects an attempted denial-of-service attack known as a “Land” attack. See check_spoof. Handled by conn_weird.