We're experiencing a problem with Sig ID 2156, the Nachi Worm ICMP Echo Request signature. The problem we're seeing is once the signature fires, the destination IP address in the alarm is actually the machine that's infected with Nachi and the sourc...