SecurityFocus

Tracking down random ICMP Jan 22 2007 01:19PM
Craig Chamberlain (craig chamberlain Q1Labs com) (3 replies)

Re: Tracking down random ICMP Feb 02 2007 11:25PM
Frank Knobbe (frank knobbe us)

Re: Tracking down random ICMP Jan 23 2007 03:32PM
Valdis Kletnieks vt edu (2 replies)

Re: Tracking down random ICMP Jan 25 2007 12:13PM
Javier Fernández-Sanguino (jfernandez germinus com) (1 replies)

Valdis.Kletnieks (at) vt (dot) edu [email concealed] dijo:
> On Mon, 22 Jan 2007 09:19:31 -0400, Craig Chamberlain said:
>> Is there a tool that can determine which process ID is generating ICMP
>> packets or IRPs in Windows? TDImon seems to be TCP/UDP only. TCPview and
>> netstat apparently can't do it.
>
> I'm not aware of any well-known userspace API that generates ICMP, so
> any userspace would have to be hand-crafting the packets itself. So what
> you're looking for is a process that has a raw socket open.

Maybe you don't know about libdnet? [1] There are quite a number of
tools that use it.

Regards

Javier

[1] http://libdnet.sourceforge.net/
(lib*dumb*net not to be confused with lib*dec*net)

[ reply ]

Re: Tracking down random ICMP Jan 25 2007 05:20PM
Valdis Kletnieks vt edu (2 replies)

DoS attacks using ports 31800, 31900 ? Feb 02 2007 06:27PM
David Gillett (gillettdavid fhda edu) (1 replies)

Re: DoS attacks using ports 31800, 31900 ? Feb 06 2007 03:36PM
Deapesh Misra (deapesh gmail com)

Attempted FTP intrusion Jan 31 2007 05:43PM
David Gillett (gillettdavid fhda edu) (1 replies)

Re: Attempted FTP intrusion Jan 31 2007 10:09PM
Tillmann Werner (tillmann werner gmx de)

Re: Tracking down random ICMP Jan 23 2007 09:37PM
Jose Nazario (jose monkey org) (1 replies)

Re: Tracking down random ICMP Jan 24 2007 01:05AM
Bojan Zdrnja (bojan zdrnja gmail com) (1 replies)

Re: Tracking down random ICMP Feb 09 2007 12:17AM
Jean-Baptiste Marchand (jbm lists gmail com)

Re: Tracking down random ICMP Jan 23 2007 03:50AM
Kyle Maxwell (krmaxwell gmail com)