operational: icmp echo out of control?
Mike Tancsa
mike at sentex.net
Tue May 28 19:36:08 UTC 2002
At 03:21 PM 28/05/2002 -0400, Jeff Mcadams wrote:
>Also sprach E.B. Dreger
> >RAS> be mistaken for a port scan. But for so many network admins,
> >RAS> all they know is "ICMP bad".
>
> >That'll be the day when someone calls abuse saying "I'm being attacked
> >by ICMP unreachables!" ;-)
>
>"That'll be..."? Future tense? Hrmm...
Here is a sample posting from the "future"... It was much worse when my
email address was the ARIN contact and I would get people screaming at me
asking why I was hacking their machine :-(
---------begin annoying auto-robot-program----------
The attempt was detected by the personal firewall running on my machine,
and I am quite concerned about it.
If you are in fact responsible for this network, please do the following:
1) Research the access attempt(s),
2) Inform the responsible parties to discontinue access attempts,
3) Reply to me with your findings.
If you are not responsible for this network, please forward this message to
the person who is, or, if you do not know who this person is, please get
back to me with that information as well. Thank you.
The access attempt(s) are shown below, including the date and time, port
number, TCP or UDP indicator, and, if known, a service name associated with
the port.
Jeu 09 mai 2002 15:30:22, Port 3, ICMP, Destination Unreachable
Jeu 09 mai 2002 15:30:21, Port 3, ICMP, Destination Unreachable
Jeu 09 mai 2002 15:30:10, Port 3, ICMP, Destination Unreachable
Jeu 09 mai 2002 15:30:09, Port 3, ICMP, Destination Unreachable
More information about the NANOG
mailing list