Dear bugtraq I am under a bit of a icmp flood right now. And i really would like to hear what more experienced people have ot say about this. I am actually experiencing nothing significant tcpdump shows this: 12:59:34.427801 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: icmp: echo request (frag 44560:1480@0+) 12:59:34.427801 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@50320+) 12:59:34.427801 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@51800+) 12:59:34.427801 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@53280+) 12:59:34.427801 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@54760+) 12:59:34.427801 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@56240+) 12:59:34.437800 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@57720+) 12:59:34.437800 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@59200+) 12:59:34.437800 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@60680+) 12:59:34.437800 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:1480@62160+) 12:59:34.437800 > d226-19-71.home.cgocable.net > ct299951-b.edgewd1.ky.home.com: (frag 43565:368@63640) 12:59:34.457799 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@1480+) 12:59:34.477797 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@2960+) 12:59:34.507795 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@4440+) 12:59:34.537793 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@5920+) 12:59:34.557791 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@7400+) 12:59:34.587789 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@8880+) 12:59:34.617787 < port90.ds1-vj.adsl.cybercity.dk > d226-19-71.home.cgocable.net: (frag 44560:1480@10360+) 12:59:35.087752 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: icmp: echo request (frag 58961:1480@0+) 12:59:35.267739 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@1480+) 12:59:35.317735 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@2960+) 12:59:35.377731 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@4440+) 12:59:35.467724 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@5920+) 12:59:35.557717 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@7400+) 12:59:35.657710 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@8880+) 12:59:35.747703 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@10360+) 12:59:35.847696 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@11840+) 12:59:35.937689 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@13320+) 12:59:35.947689 < 12-248-194-107.client.attbi.com > d226-19-71.home.cgocable.net: icmp: echo request (frag 56714:1480@0+) 12:59:35.957688 < 12-248-194-107.client.attbi.com > d226-19-71.home.cgocable.net: (frag 56714:1480@1480+) 12:59:35.977687 < 12-248-194-107.client.attbi.com > d226-19-71.home.cgocable.net: (frag 56714:1480@2960+) 12:59:35.987686 < 12-248-194-107.client.attbi.com > d226-19-71.home.cgocable.net: (frag 56714:1480@4440+) 12:59:35.997685 < 12-248-194-107.client.attbi.com > d226-19-71.home.cgocable.net: (frag 56714:1480@5920+) 12:59:36.037682 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@14800+) 12:59:36.127675 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@16280+) 12:59:36.217669 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@17760+) 12:59:36.317661 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@19240+) 12:59:36.407655 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@20720+) 12:59:36.507647 < D5E02291.kabel.telenet.be > d226-19-71.home.cgocable.net: (frag 58961:1480@22200+) It seems that the icmp echo request causes my machine to generate a bunch of icmp packets at another host! What's going on? Thanks Sebastian Ip ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Jan 27 2002 - 20:01:29 PST