Security Basics mailing list archives
RE: icmp echo-requests?
From: DE VILLIERS IAN <ian.devilliers () alc co za>
Date: Fri, 22 Nov 2002 11:41:35 +0200
A lot of malware (including Tribal Flood Network) communicate between client/server using structured ICMP packets. -----Original Message----- From: JR [mailto:jr () secureity de] Sent: 2002/11/20 10:21 To: security-basics () securityfocus com Subject: icmp echo-requests? Hi everyone, in my firewall logs I see a lot of echo-requests within the internal network. Of course, the simplest answer to these events is that pings are causing these events. But on these machines definitely no pings are startet to that times. Is it possible that other kind of programs are using echo-requests? What kind of programs are using echo-requests and why? Checking wether the other host ist up? What if the firewall is filtering echo-requests? The program would think that the host is down... Greetings! JR ____________________________________________________________________________ __ Erster Klick - SMS versenden, zweiter Klick - die Telefonnummer im Adressbuch speichern bei: http://freemail.web.de/features/?mc=021151
Current thread:
- icmp echo-requests? JR (Nov 22)
- RE: icmp echo-requests? Timothy M. Lyons (Nov 25)
- RE: icmp echo-requests? Daniel R. Miessler (Nov 28)
- Re: icmp echo-requests? zhaol (Nov 25)
- Re: icmp echo-requests? Stephane Nasdrovisky (Nov 25)
- RE: icmp echo-requests? Daniel R. Miessler (Nov 25)
- <Possible follow-ups>
- RE: icmp echo-requests? DE VILLIERS IAN (Nov 25)
- Re: icmp echo-requests? Eric Schroeder (Nov 25)
- RE: icmp echo-requests? smarriott (Nov 26)
- RE: icmp echo-requests? Timothy M. Lyons (Nov 25)