Re: Increasing ICMP Echo Requests

From: Jeff Kell (jeff-kellat_private)
Date: Mon Aug 18 2003 - 23:39:10 PDT

Next message: Christopher Lyon: "Strange UDP packets to non-existent network."

Previous message: Kostas K: "what is this?"
In reply to: Ken Dunham: "RE: Increasing ICMP Echo Requests"
Next in thread: Joe Stewart: "Re: Increasing ICMP Echo Requests"
Next in thread: Robinson, Sonja: "RE: Increasing ICMP Echo Requests"
Reply: Joe Stewart: "Re: Increasing ICMP Echo Requests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ken Dunham wrote:

> It opens TCP port 707.  doesn't sound nice to me.

This is the bothersome part.  If it keeps a shell bound to 707 then it 
is definitely malicious, despite the sugar coating.

Jeff


---------------------------------------------------------------------------
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Ensure Reliable Performance of Mission Critical Applications
 - Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
Visit us at: 
http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814
----------------------------------------------------------------------------

Next message: Christopher Lyon: "Strange UDP packets to non-existent network."
Previous message: Kostas K: "what is this?"
In reply to: Ken Dunham: "RE: Increasing ICMP Echo Requests"
Next in thread: Joe Stewart: "Re: Increasing ICMP Echo Requests"
Next in thread: Robinson, Sonja: "RE: Increasing ICMP Echo Requests"
Reply: Joe Stewart: "Re: Increasing ICMP Echo Requests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Aug 19 2003 - 09:39:44 PDT