Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: traceroute ICMP packets

traceroute ICMP packets

From: Laszlo Fabian <lfabian_at_CRIC.CHEMRES.HU>
Date: Tue, 4 Jan 2000 17:15:22 +0100

Hello,

My Linux box has recently logged some traceroute ICMP packets. Of course,
I did not traceroute these hosts. (Packets from hosts between my
computer and the source IPs are missing as well.)

Do you have any idea what this can be?

Here are the (ipchains) logs:
(x.y.u.v is the IP address of myhost)

Jan 3 15:29:54 myhost kernel: Packet log: input ACCEPT eth0 PROTO=1
        167.216.136.2:11 x.y.u.v:0 L=56 S=0xC0 I=21545 F=0x0000 T=247
Jan 3 15:30:07 myhost kernel: Packet log: input ACCEPT eth0 PROTO=1
        212.59.199.41:11 x.y.u.v:0 L=56 S=0x00 I=3106 F=0x0000 T=237
Jan 3 15:30:16 myhost kernel: Packet log: input ACCEPT eth0 PROTO=1
        212.59.199.41:11 x.y.u.v:0 L=56 S=0x00 I=3124 F=0x0000 T=237
Jan 3 15:30:23 myhost kernel: Packet log: input ACCEPT eth0 PROTO=1
        167.216.136.2:11 x.y.u.v:0 L=56 S=0xC0 I=21986 F=0x0000 T=247
... (more packets from these hosts with similar delays between them)

Laszlo
Received on Jan 04 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos