IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ICMP Destination Unreachable Port Unreachable

From: proneetb () redback com
Date: 18 Dec 2007 21:58:49 -0000
It might be a good idea to run netstat/tcpview on the local host and see 
which process is trying to do the connect.  Try cross referencing that name
in the well known spyware database. Now if it is one of those bots which 
generate their names in a random fashion, the process name might not be 
useful, so you might want to check across installations to see if the 
process name has changed.
--------------------------------------------------Proneet Biswas                RedBack Networks
Address                       300 Holger Way
                              San Jose CA 95134
Phone:                        1-408-750-5836
Email:                        proneetb () redback com
Web:                          www.redback.com

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: