[unisog] Wierd ICMP traffic
aquesada at guc.usg.edu
Fri Nov 14 14:53:42 GMT 2003
I'll go on a wild guess here and assume the traffic is type 8 (echo or ping).
We have seen massive amounts of pings towards us from many different networks.
One particular IP pings all our class Cs, all the way from 1 to 254 and then jumps to
the next slash 24.
Usually-mostly-mainly that means that the pining machine is infected by one of the latest worms,
according to the response from the other end after we report the probe and they enquire on it.
Just a wild guess,
I hope this helps.
Gwinnett University Center
More information about the unisog