Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unusual ICMP Traffic

From: Gary Flynn <flynngn () jmu edu>
Date: Tue, 22 Oct 2002 21:59:38 -0400
jeff () thepostmaster net wrote:


Has anyone seen this type of ICMP traffic?



No, but I'm going to start looking ASAP. A google search on revconnecttome
turned up some interesting hits:

From:
http://www.lwave.ca/DCHub/protocol.html


   $RevConnectToMe

A passive client may send this to cause a peer to send a $ConnectToMe back.
$RevConnectToMe <nick> <remoteNick> 
   * <nick> is the sender of the message.
   * <remoteNick> is the user which should send to $ConnectToMe.
The server must send this message unmodified to <remoteNick>. If <remoteNick> is an active client, it must send a $ConnectToMe to <nick>. If not, it must ignore the message. 




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: