You could always filter the ICMP ECHO type 8 on the firewall which
basically will just  not respond to these requests. Might be nicer to
capture the packets and inspect them to see if anything else is going
on..

 

Z

 

Edward Ziots

CISSP, Security +, Network +

Security Engineer

Lifespan Organization

[email protected]

 

From: Richard McClary [mailto:[email protected]] 
Sent: Friday, June 01, 2012 2:59 PM
To: NT System Admin Issues
Subject: Ping attack attempts

 

Greetings!

 

Second time this has happened (that I know of, anyway) to us...

 

Every 10  minutes  (for the past 2 hours), some * sends about 2 dozen
ping attempts to our firewall.  Obviously scripted, and probably spoofed
IPs as well.  (Firewall is set to block external ICMP traffic.)

 

In ARIN, the IP addresses are assigned to an on-line video service
(OVGuide.com).  That IP is part of the Internap system.  Again, though,
the IPs are likely spoofed.

 

Other than turning off the alarms so that such attempts are no longer
reported (which would reduce mail traffic), is this just something to
live with?

--

Richard D. McClary

Jr Infrastructure Architect, Information Technology Group 

ASPCA(r)

1717 S. Philo Rd, Ste 36

Urbana, IL 61802

[email protected]

P: 217-337-9761

C: 217-417-1182

F: 217-337-9761

www.aspca.org <http://www.aspca.org/> 

 

 


The information contained in this e-mail, and any attachments hereto, is
from The American Society for the Prevention of Cruelty to Animals(r)
(ASPCA(r)) and is intended only for use by the addressee(s) named herein
and may contain legally privileged and/or confidential information. If
you are not the intended recipient of this e-mail, you are hereby
notified that any dissemination, distribution, copying or use of the
contents of this e-mail, and any attachments hereto, is strictly
prohibited. If you have received this e-mail in error, please
immediately notify me by reply email and permanently delete the original
and any copy of this e-mail and any printout thereof. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

Reply via email to