Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Tracking down random ICMP
Jan 22 2007 01:19PM
Craig Chamberlain (craig chamberlain Q1Labs com)
Seem to be seeing more random bursts of ICMP traffic - sometimes
unidirectional - with remote destinations that are mostly inexplicable.
Wondering if it's a covert control channel of some sort - if so I can
see why they chose ICMP - often allowed through firewalls and it is
seems to be hard to dete...
[ more ]
Copyright 2010, SecurityFocus