This file is indexed.

/etc/snort/rules/community-icmp.rules is in snort-rules-default 2.9.7.0-5.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

1
2
3
4
5
6
7
8
# Copyright 2005 Sourcefire, Inc. All Rights Reserved.
# These rules are licensed under the GNU General Public License.
# Please see the file LICENSE in this directory for more details.
# $Id: community-icmp.rules,v 1.4 2006/06/01 15:51:28 akirk Exp $

#Rule submitted by rmkml
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"COMMUNITY ICMP Linux DoS sctp Exploit"; icode:2; itype:3; content:"|28 00 00 50 00 00 00 00 F9 57 1F 30 00 00 00 00 00 00 00 00 00 00 00 00|"; reference:nessus,19777; classtype:attempted-user; sid:100000164; rev:2;)
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"COMMUNITY ICMP undefined code"; icode:>18; classtype:misc-activity; sid:100000197; rev:1;)