Really odd pings going out
Tony Rall
trall at almaden.ibm.com
Wed Oct 19 05:25:08 UTC 2005
On Tuesday, 2005-10-18 at 21:18 MST, Aaron Glenn <aaron.glenn at gmail.com>
wrote:
> I've found this tool to be very handy in finding out just what process
> is doing what.
>
> http://www.sysinternals.com/Utilities/TcpView.html
But Tcpview doesn't show anything for icmp - which is what was happening
in this case. However, if the "guilty" process is also using tcp, Tcpview
will likely identify it.
On the other hand, a firewall that limits outbound traffic to only
"permitted" programs would probably nail the program involved (Zonealarm
is one example of such a firewall).
> btw, I don't think nanog is the most appropriate list for these types
> of questions, fyi.
Probably so. The newsgroup news:comp.security.misc might be a better
place.
Tony Rall
More information about the NANOG
mailing list