Kevin Patz wrote: > > In-Reply-To: <3F411CBC.2020203at_private> > > Upon reading of this, I enabled logging of ping > > requests on my firewall. So far I've only seen three > > with len=92: > > 24.64.90.16 (Shaw Communcations) > > 24.60.234.130 (Comcast, formerly attbi) > > 24.61.246.103 (Comcast, formerly attbi) > > My IP is on Comcast, formerly attbi, on a 24.62 IP > > range. I also have some pings with len=60 but they > > look more like "normal" ICMP echo requests. If you allow the ones with len=92 through your firewall take note that you will be seeing from those very same addresses (neighbors I should say) traffic being denied on port 445 in your logs. Personally I don't use Win2k or XP but isn't there some way for users to turn this off, it gets quite *noisy* down the line! :-) Regards, -- Patrick Benson Stockholm, Sweden --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications - Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814 ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Aug 19 2003 - 09:49:21 PDT