Using ess 4.2.64.12, Virus database 5421 with Windows7

I am using ess 4.2.64.12, Virus database 5421 with Windows7 and see
these messages in the Firewall log ...

9/3/2010 6:38:37 AM Detected covert channel exploit in ICMP packet 192.168.1.5 207.99.0.1 ICMP
9/3/2010 6:38:36 AM Detected covert channel exploit in ICMP packet 192.168.1.5 207.99.0.1 ICMP
9/3/2010 6:38:35 AM Detected covert channel exploit in ICMP packet 192.168.1.5 207.99.0.1 ICMP
9/3/2010 6:38:34 AM Detected covert channel exploit in ICMP packet 192.168.1.5 207.99.0.1 ICMP

Tthe IP address, 207.99.0.1, is the DNS that I use ... it is set in my
hardware firewall.

What is this error condition?

How should it be cured?

Any/all suggestons/comments accepted and appreciated.

Thanks ...

--Always Learning

 

Hi, do you have any tv program in your computer, for example, to watch football games?

 

If the IP 207.99.0.1 belongs to a trusted device, add the IP to the list of addresses excluded from active protection in the zone setup.

 

I see that picomanico inquired ...

> Hi, do you have any tv program in your computer,
> for example, to watch football games?

No. ... Don't watch TV; ot using PC for that. Still installing applications.

I alsoo saw that Marcos suggested ...

> If the IP 207.99.0.1 belongs to a trusted device, add the IP to the
> list of addresses excluded from active protection in the zone setup.

Good suggestion ... that IP (207.99.0.1) is already in the trusted zone.

BTW, the firewall log shows another similar entry ...

> 9/4/2010 9:09:53 AM Detected covert channel exploit in ICMP packet
> 192.168.1.6 206.65.182.93 ICMP

According to whois.arin.net, his one is from an IP owned by ...

> MCI Communications Services, Inc. d/b/a Verizon Business (MCICS)

... and is probably a zombie.

I am still wondering about the first detection
(covert channel exploit 192.168.1.5 207.99.0.1)

Any/all suggestons/comments accepted and appreciated.

Thanks ...

--Always Learning