Recent content by SysEng

  1. ICMP Sweep & Port Scan Attacks!!!!

    I agree that it is malicious and action needs to be taken. I used HijackThis to locate any malicious activity on one machine and was able to remove several worms and malware. The other machines I can't locate at the moment because the DHCP address was released from the machines and renewed...
  2. ICMP Sweep & Port Scan Attacks!!!!

    The ICMP Sweep threshold maximum is set to 128 ICMP packets per second. Port Scan threshold maximum is set to 512 SYN/sec.
  3. ICMP Sweep & Port Scan Attacks!!!!

    And now that I think about it, the user did have iPod software installed. That could have caused the ICMP sweep, right?
  4. ICMP Sweep & Port Scan Attacks!!!!

    Malware: I found several spyware/malware applications on one of the machines that I removed. I suspect that one of them was the cause of the ICMP Sweeping. It was an ICMP broadcast that triggered NIDS. I'm not sure what you mean by what constitutes ICMP sweeping and Port Scanning. Fortinet...
  5. ICMP Sweep & Port Scan Attacks!!!!

    I've just recently installed Fortinet (appliance) on my network's perimeter. The box is used for anti-virus filtering and NIDS. Since I've installed the appliance I've been able to successfully quarantine several viruses. I'm even able to track down the boxes that the viruses are coming...