North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Really odd pings going out

  • From: Tony Rall
  • Date: Wed Oct 19 01:26:26 2005
  • Sensitivity:

On Tuesday, 2005-10-18 at 21:18 MST, Aaron Glenn <[email protected]> 
wrote:
> I've found this tool to be very handy in finding out just what process
> is doing what.
> 
> http://www.sysinternals.com/Utilities/TcpView.html

But Tcpview doesn't show anything for icmp - which is what was happening 
in this case.  However, if the "guilty" process is also using tcp, Tcpview 
will likely identify it.

On the other hand, a firewall that limits outbound traffic to only 
"permitted" programs would probably nail the program involved (Zonealarm 
is one example of such a firewall).

> btw, I don't think nanog is the most appropriate list for these types
> of questions, fyi.

Probably so.  The newsgroup news:comp.security.misc might be a better 
place.

Tony Rall