Security Incidents mailing list archives
Re: Sparse ICMP/ACK Scans to Broadcast Addresses
From: lamont () ICOPYRIGHT COM (Granquist, Lamont)
Date: Sun, 7 May 2000 17:48:58 -0700
On Fri, 5 May 2000, Stephen P. Berry wrote:
Over the past couple days, I've noticed an odd traffic pattern which
I haven't observed previously. The pattern consists of two flavours
of traffic:
-An ICMP_ECHO_REQUEST
-An ACK
That's an ACK ping, to detect machines that packet filter ICMP. NMAP is one scanner that will do these kinds of scans. I'm not up-to-date on DoS technology -- is there a DoS tool out there that does TCP smurfs?
Current thread:
- Sparse ICMP/ACK Scans to Broadcast Addresses Stephen P. Berry (May 05)
- Re: Sparse ICMP/ACK Scans to Broadcast Addresses Granquist, Lamont (May 07)
- Re: Sparse ICMP/ACK Scans to Broadcast Addresses Stephen P. Berry (May 08)
- Re: Sparse ICMP/ACK Scans to Broadcast Addresses Granquist, Lamont (May 07)