More info on covert channel exploit in ICMP packet

Discussion in 'ESET Smart Security' started by Tomm, Apr 15, 2013.

Thread Status:
Not open for further replies.
  1. Tomm

    Tomm Registered Member

    Joined:
    Aug 16, 2004
    Posts:
    1
    I just ran PingPlotter Freeware to look at packet loss & delays, and got a firewall warning from Eset Smart Security (Ver 5.2.9.1)

    "Detected covert channel exploit in ICMP packet"

    The message is inexplicit & doesn't give enough info.
    • I can kind of guess that this suggests info might be being smuggled off my PC to - where - ? would it go to the ping target, or could it be set up with a spoof return address or the like to go somewhere else.
    • Should I worry about it ?
    • Should I stop using the app ?
    • What exactly was in the covert channel, and if it was magically being sent off somewhere, where was it going ?
     
    Tomm, Apr 15, 2013
    #1
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    If disabling ICMP protocol checking in the IDS setup help, leave it disabled. This won't compromise your security in any way.
     
    Marcos, Apr 15, 2013
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...