Security Basics mailing list archives
Re: Strange pings from 127.0.0.1
From: Tim Schwimer <tschwimer () hotmail com>
Date: 13 Jun 2004 07:24:05 -0000
In-Reply-To: <GAEPLEDFDDGJLBGAABCNKENBCMAA.gg () stober mailsnare net> I started seeing the same thing on my DMZ segments this Friday afternoon at about 4:00pm (figures, huh??). Anyway, I was wondering what you found out about this. Any insight would be appreciated. Thanks, T
Received: (qmail 20239 invoked from network); 14 May 2004 15:58:54 -0000 Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.com) (205.206.231.26) by mail.securityfocus.com with SMTP; 14 May 2004 15:58:54 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing2.securityfocus.com (Postfix) with QMQP id 4018A1437B0; Fri, 14 May 2004 17:53:53 -0600 (MDT) Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Received: (qmail 13781 invoked from network); 13 May 2004 21:45:06 -0000 From: "Marc" <gg () stober mailsnare net> To: <security-basics () securityfocus com> Subject: Strange pings from 127.0.0.1 Date: Thu, 13 May 2004 23:55:35 -0400 Message-ID: <GAEPLEDFDDGJLBGAABCNKENBCMAA.gg () stober mailsnare net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Importance: Normal The networked applications I am responsbile for have been performing slowly. When I tried to run Ethereal on my computer, I found some odd ICMP echo request (ping) packets with a source IP of 127.0.01, to addresses both within our 192.168.1.* network as well as to random Internet addresses. The source and destination Mac addresses aren't anything I can associate with a computer on our network (and they're not the real Mac address of my computer), so I think maybe these packets are spoofed? Could this be some sort of virus or DOS attack somewhere within our network? I've haven't seen anything quite like this mentioned online anywhere. Thanks, Marc --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Re: Strange pings from 127.0.0.1 Tim Schwimer (Jun 14)
- Re: Strange pings from 127.0.0.1 Murad Talukdar (Jun 18)
- <Possible follow-ups>
- Re: Strange pings from 127.0.0.1 Timothy Schwimer (Jun 18)
- Re: Strange pings from 127.0.0.1 Ranjeet Shetye (Jun 21)
- Re: Strange pings from 127.0.0.1 Nelson Santos (Jun 23)
- RE: Strange pings from 127.0.0.1 David Gillett (Jun 24)
- Re: Strange pings from 127.0.0.1 Ranjeet Shetye (Jun 21)
- Strange pings from 127.0.0.1 Andrew Aris (Jun 22)
- Re: Strange pings from 127.0.0.1 Alan Hicks (Jun 23)
- Re: Strange pings from 127.0.0.1 Kelly John Rose (Jun 23)
- RE: Strange pings from 127.0.0.1 David Gillett (Jun 24)
- RE: Strange pings from 127.0.0.1 Andrew Aris (Jun 24)