Strange ICMP bursts at firewall

edited March 2022 in Firebox - Other


I am experiencing strange ICMP bursts from different IP addresses. They come every day and common thing is that 177 packets are received every time. Packets come 6 - 10 in one second. Only thing which changes is TTL which is always from 1 to 59. TTL starts from low numbers and gradually increases. Could this be a fingerprint of some tool which hackers are using?

I am attaching a sample of one burst(with my firewall ID and IP addresses removed).

Best Answer


  • Thank you.

    PS The addresses I xxx:d are my public address and the other one is public source address. I do not want to reveal them.

Sign In to comment.