Strange ICMP bursts at firewall
Hi
I am experiencing strange ICMP bursts from different IP addresses. They come every day and common thing is that 177 packets are received every time. Packets come 6 - 10 in one second. Only thing which changes is TTL which is always from 1 to 59. TTL starts from low numbers and gradually increases. Could this be a fingerprint of some tool which hackers are using?
I am attaching a sample of one burst(with my firewall ID and IP addresses removed).
0
Best Answer
-
This suggests a tracert is being run.
https://networklessons.com/cisco/ccna-routing-switching-icnd1-100-105/tracerouteFYI - no need to xxx out private IP addrs as disclosing them incurs no security risk on your part.
0
Sign In to comment.
Answers
Thank you.
PS The addresses I xxx:d are my public address and the other one is public source address. I do not want to reveal them.