|
|
#1
April 29th, 2012, 06:16 AM
|
|||
|
|||
Strange firewall behaviour
Hi all,
My firewall log has been filling up with the following entry. "Detected covert channel exploit in ICMP packet" I get a new entry every 3 seconds to a remote address of 194.95.249.23 which resolves to http://www.cfos.de Here is a screenshot with currports open and it doesn't even show a connection to that address and neither does the firewall activity monitor in ESS. http://i24.photobucket.com/albums/c1...e7757/ICMP.png Any ideas? |
|
#2
April 29th, 2012, 06:44 AM
|
|||
|
|||
|
Re: Strange firewall behaviour
Hey jackbrennan2008
There has been a thread about that specific issue before, : http://www.wilderssecurity.com/showt...it+ICMP+packet in the last post (11) in the thread, foneil ( eset moderator) links to a solution. Best of luck 
__________________
Simplicity |
|
#3
April 29th, 2012, 06:59 AM
|
|||
|
|||
|
Re: Strange firewall behaviour
I've disabled the notification already. Seeing as that's one of the solution i'll just leave it at that.
Thanks |
|
#4
May 10th, 2012, 12:11 AM
|
|||
|
|||
|
Re: Strange firewall behaviour
I'm aware that this issue has been resolved, but do you use an ASUS motherboard? One of the utilities included in the accompanying software seems to cause this by pinging the website of the software co-developer. Turning off the utility (via Start>ASUS>AI Suite II> AI Suite II and then in the application Tool>Network iControl> Off) resolves the issue, as does setting the firewall to allow access to the IP in question.
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
