IDS mailing list archives
Re: ICMP Destination Unreachable Port Unreachable
From: proneetb () redback com
Date: 18 Dec 2007 21:58:49 -0000
It might be a good idea to run netstat/tcpview on the local host and see which process is trying to do the connect. Try cross referencing that name in the well known spyware database. Now if it is one of those bots which generate their names in a random fashion, the process name might not be useful, so you might want to check across installations to see if the process name has changed. --------------------------------------------------Proneet Biswas RedBack Networks Address 300 Holger Way San Jose CA 95134 Phone: 1-408-750-5836 Email: proneetb () redback com Web: www.redback.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- ICMP Destination Unreachable Port Unreachable jerikl75 (Dec 18)
- <Possible follow-ups>
- Re: ICMP Destination Unreachable Port Unreachable proneetb (Dec 20)