bug - ICMPv6 type 143 is Version 2 Multicast Listener Report error
imthenachoman opened this issue · 3 comments
imthenachoman commented
My server is generating this PSAD alert. I am told here it is a bug with PSAD because MLDv2 has been around for 15 years.
=-=-=-=-=-=-=-=-=-=-=-= Sat Mar 9 22:50:28 2019 =-=-=-=-=-=-=-=-=-=-=-=
Danger level: [2] (out of 5)
Source: 0000:0000:0000:0000:0000:0000:0000:0000
DNS: [No reverse dns info available]
Destination: ff02:0000:0000:0000:0000:0000:0000:0016
DNS: [No reverse dns info available]
Overall scan start: Sat Mar 9 22:50:28 2019
Total email alerts: 1
Syslog hostname: vm
Global stats:
chain: interface: protocol: packets:
OUTPUT enp0s3 icmp6 1
[+] ICMP6 scan signatures:
Invalid ICMP type "143" chain=OUTPUT packets=1
[+] Whois Information (source IP):
No whois server is known for this kind of object.
=-=-=-=-=-=-=-=-=-=-=-= Sat Mar 9 22:50:28 2019 =-=-=-=-=-=-=-=-=-=-=-=
mrash commented
Agreed this is a bug. Will fix and send an update.
imthenachoman commented
Great! Thank you!
devrushit commented
Still having this issue with docker :
=-=-=-=-=-=-=-=-=-=-=-= Thu Mar 3 21:23:37 2022 =-=-=-=-=-=-=-=-=-=-=-=
Danger level: [2] (out of 5)
Source: 0000:0000:0000:0000:0000:0000:0000:0000
DNS: [No reverse dns info available]
Destination: ff02:0000:0000:0000:0000:0000:0000:0016
DNS: [No reverse dns info available]
Overall scan start: Wed Mar 2 06:09:01 2022
Total email alerts: 45
Syslog hostname: vega
Global stats:
chain: interface: protocol: packets:
OUTPUT veth50d701b icmp6 1
OUTPUT veth6ab9744 icmp6 1
OUTPUT vethb7c27ab icmp6 1
OUTPUT veth2fa6897 icmp6 1
OUTPUT vethf59833d icmp6 1
OUTPUT vethe0b9df2 icmp6 1
OUTPUT veth62b9a4d icmp6 2
OUTPUT veth1c5bc90 icmp6 2
OUTPUT enp4s0 icmp6 2
OUTPUT br-a360b91bd4caicmp6 1
OUTPUT vetha4836c3 icmp6 1
OUTPUT veth2102e48 icmp6 1
OUTPUT veth7aba989 icmp6 2
OUTPUT veth55eabc3 icmp6 1
OUTPUT veth5dc507d icmp6 1
OUTPUT vethaf5a019 icmp6 2
OUTPUT veth1e542ba icmp6 2
OUTPUT vethf8e4282 icmp6 1
OUTPUT veth3c6dc99 icmp6 2
OUTPUT veth3c75028 icmp6 1
OUTPUT veth9b7568e icmp6 1
OUTPUT vetha786408 icmp6 2
OUTPUT vethd95b9a1 icmp6 2
OUTPUT veth8fd5c8c icmp6 1
OUTPUT veth3bfd905 icmp6 2
OUTPUT br-26ce3dc8ed53icmp6 1
OUTPUT veth08e67e5 icmp6 1
OUTPUT vethb758978 icmp6 1
OUTPUT veth21ffaa1 icmp6 1
OUTPUT veth19ade3d icmp6 1
OUTPUT veth74d2ae4 icmp6 2
OUTPUT br-425e0912197eicmp6 2
OUTPUT vethb708fde icmp6 2
OUTPUT vethfd4c576 icmp6 2
OUTPUT vethf074823 icmp6 1
OUTPUT veth555e933 icmp6 1
OUTPUT veth4e830d3 icmp6 1
OUTPUT veth2ca3662 icmp6 2
OUTPUT vethc0cf155 icmp6 2
OUTPUT veth812987a icmp6 1
OUTPUT docker0 icmp6 1
OUTPUT vethb7a7814 icmp6 1
OUTPUT veth55179e7 icmp6 2
OUTPUT vethcc77656 icmp6 1
OUTPUT veth576698e icmp6 1
OUTPUT vethf1d3f02 icmp6 1
OUTPUT veth5ea324a icmp6 1
OUTPUT veth203e606 icmp6 1
OUTPUT vethe8d7b95 icmp6 1
OUTPUT veth3f3723a icmp6 1
OUTPUT veth6c9208b icmp6 1
OUTPUT br-deac5ae75c4eicmp6 1
OUTPUT vethae8e03b icmp6 1
OUTPUT br-fe5747e267abicmp6 2
OUTPUT veth571cde0 icmp6 1
OUTPUT vetha5a5a93 icmp6 2
OUTPUT veth7f89b17 icmp6 1
OUTPUT veth08582b4 icmp6 2
OUTPUT br-44ff53398f4bicmp6 1
OUTPUT br-8864eb31b097icmp6 1
OUTPUT veth20a2f64 icmp6 1
OUTPUT vethb8a04b7 icmp6 2
OUTPUT veth5ab9182 icmp6 1
OUTPUT veth2d421a0 icmp6 2
OUTPUT veth46507c5 icmp6 1
OUTPUT veth2421aef icmp6 1
OUTPUT veth61c0965 icmp6 2
OUTPUT br-fc53b081ee10icmp6 1
OUTPUT vethe384b56 icmp6 1
OUTPUT veth3f9a8c6 icmp6 2
OUTPUT veth25b9491 icmp6 1
OUTPUT veth7d857d5 icmp6 2
OUTPUT veth687e1bc icmp6 1
OUTPUT vethe85126c icmp6 2
OUTPUT vetha6de657 icmp6 1
[+] ICMP6 scan signatures:
Invalid ICMP type "143" chain=OUTPUT packets=1
[+] Whois Information (source IP):
No whois server is known for this kind of object.
=-=-=-=-=-=-=-=-=-=-=-= Thu Mar 3 21:23:37 2022 =-=-=-=-=-=-=-=-=-=-=-=