Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

strange icmp echo request

from [Tillmann Werner] Network Security [Permanent Link]
Subject: strange icmp echo request
Date: Sun, 28 Aug 2005 13:35:15 +0200 
Hi all,

i stumbled on the attached ping request yesterday. Interesting seq number, 
funny payload. Has anyone ever seen something similar? Any ideas about the 
generator?

15:25:58.975010 IP (tos 0x0, ttl  53, id 0, offset 0, flags [DF], length: 78) 
65.254.52.106 > 145.254.138.138: icmp 58: echo request seq 8009
        0x0000:  4500 004e 0000 4000 3501 b2be 41fe 346a  E..N..@.5...A.4j
        0x0010:  91fe 8a8a 0800 4bb2 0001 1f49 f9ed 0100  ......K....I....
        0x0020:  0000 0bb8 0003 ff3e de1e 198b 0f66 7470  .......>.....ftp
        0x0030:  2d73 7368 2d74 6172 6765 7473 0000 0000  -ssh-targets....
        0x0040:  0000 0000 0000 0000 0000 0000 0000       ..............

Thanks for hints.
Tillmann

Attachment: pgpMtw9TJjUUv.pgp
Description: PGP signature

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • strange icmp echo request, Tillmann Werner <=
Previous by Date:  SSH compiled with backdoor, steve
Next by Date:  Re: cuebot-d infection method, Jeff Bryner
Previous by Thread:  SSH compiled with backdoor, steve
Next by Thread:  Call for new mailing lists @ SecurityFocus, Alfred Huger
Indexes:  [Date] [Thread] [Top] [All Lists]