Security Basics mailing list archives
Re: pings
From: Leif Ericksen <leife () dls net>
Date: Tue, 28 Dec 2004 12:35:03 -0600
Overall I would not worry to much about ping packets noticed in your firewall logs. Yeah notice them and unless you are seeing hundreds to thousands of packets not a big deal. I am on a DHCP connection with my ISP and I see various hits in my IDS from PING. ping hits aer way to common for most people to worry about. just my $0.02 -- Leif
Hi, I've been monitoring my firewall logs, via. snort and ACID and have noticed that I've been getting a lot of pings from different IP addresses, but most from the 'pnap.net' network. Between "Undefined Code" (as stated in Snort) to the Ping that contains "Please Help Me. matrix catch me" packet. Now I've shut down the ICMP capabilities; that is, I've set my firewall to drop ICMPs. My question is, has anyone received any of such pings from the 'pnap.net' network? I've done some basic checks on the particular IPs from this domain, and since I'm quite a neophyte in the security business, I don't know whether the source is spoofed or not. Should I even be concerned about these pings? Any help/advice appreciated. Thank you. And a Very Safe and Merry Christmas to you all! Edmund