Strange firewall behaviour

Discussion in 'ESET Smart Security' started by jackbrennan2008, Apr 29, 2012.

Thread Status:
Not open for further replies.
  1. jackbrennan2008
    Offline

    jackbrennan2008 Registered Member

    Hi all,

    My firewall log has been filling up with the following entry.

    "Detected covert channel exploit in ICMP packet"

    I get a new entry every 3 seconds to a remote address of 194.95.249.23 which resolves to http://www.cfos.de

    Here is a screenshot with currports open and it doesn't even show a connection to that address and neither does the firewall activity monitor in ESS.

    http://i24.photobucket.com/albums/c11/smakme7757/ICMP.png

    Any ideas?
  2. Janus
    Offline

    Janus Registered Member

  3. jackbrennan2008
    Offline

    jackbrennan2008 Registered Member

    I've disabled the notification already. Seeing as that's one of the solution i'll just leave it at that.

    Thanks :)
  4. canoraid
    Offline

    canoraid Registered Member

    I'm aware that this issue has been resolved, but do you use an ASUS motherboard? One of the utilities included in the accompanying software seems to cause this by pinging the website of the software co-developer. Turning off the utility (via Start>ASUS>AI Suite II> AI Suite II and then in the application Tool>Network iControl> Off) resolves the issue, as does setting the firewall to allow access to the IP in question.
Thread Status:
Not open for further replies.