Security Incidents mailing list archives
ICMP 8.255?
From: "E. Larry Lidz" <ellidz () eridu uchicago edu>
Date: Thu, 24 May 2001 12:56:04 -0500
On a recent scan of our network, we saw ICMP echo requests coming in with the ICMP code set to 255. As it's normally supposed to be set to zero (and I can't recall ever having seen a non-zero code on an echo request), I'm assuming that this was some sort of constructed packet. Anyone else seen this before? Of course, it's possible it's some sort of new DoS attack, though we didn't have any reports of machines crashing because of it. -Larry --- E. Larry Lidz Phone: (773)702-2208 Sr. Network Security Officer Fax: (773)702-0559 Network Security Center, The University of Chicago PGP: http://security.uchicago.edu/centerinfo/pgpkeys.shtml
Current thread:
- ICMP 8.255? E. Larry Lidz (May 24)
- Re: ICMP 8.255? Ofir Arkin (May 25)
- ICMP codes Kurt Seifried (May 25)
- Re: ICMP 8.255? Ofir Arkin (May 25)