[Dshield] ICMP Traffic ??
infosigmer at inbox.com
Thu Apr 12 13:33:49 GMT 2007
Try Outscan. It helps alot, through the network scans.
On Thursday 12 April 2007 01:42, Basiru Ndow wrote:
> Is there any utility out there that would identify exactly what process or
> program is sending out ICMP traffic ? I am seeing whole lot of ICMP echo
> request going out to one of IP address from different machines within our
> network. This IP is not a valid IP in our network but it kind of looks like
> the IP of one of our desktop management servers but for one digit ( eg.
> 220.127.116.11- our server and 18.104.22.168-- the server all ICMP request
> are directed to). I have already used Wireshark and can capture the
> traffic from the machines sending the traffic but I can't exactly pin
> point what is doing it. I have also used TCPview but no go, run different
> scans for viruses and malware but no go. My next step with our desktop
> group to see if the reporting agents on the desktops were not properly
> configured to report to the wrong server IP.
> Any help would be appreciated.
Gichuki John Ndirangu,
I.T Security and Forensics Analyst
+245 720 254 679
NOTICE: "The contents of this e-mail and any accompanying documentation is
confidential and any use thereof, in whatever form, by anyone other than the
addressee for whom it is intended, is strictly prohibited. The POP Address is
registered to Gichuki John Ndirangu of C.I.U"
KEEP SPYWARE OFF YOUR COMPUTER - Protect your computer with Spyware Terminator!
Visit http://www.spywareterminator.com/install and find out more!
More information about the list