Detected covert exploit in ICMP packet?

Discussion in 'ESET Smart Security' started by satasonic, Apr 20, 2011.

Thread Status:
Not open for further replies.
  1. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    Strange log in the firewall. I appear to get this message when I enter a specific online game. What does the message mean?
     
  2. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    Anyone knows what it is?
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    This is from November, 2009.

    http://kb.eset.com/esetkb/index?page=content&id=SOLN2274

     
  4. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    It seems to belong to Akamai Technologies (?)

    What does that article mean? Does it mean that its usual to get messages like this?
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    It means there was a problem that was to be corrected. ESET will have to comment on this.
     
  6. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    I see, thank you for your answer. Is it dangerous though? What kind of problem is it? It appears every single time I launch this game o_O
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    Could be.
    Fragmented packets can used for different reasons. Let's see if ESET will comment on your log.
     
  8. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    Might be of help, but I checked the IP and it belongs to Akamai Technologies, which is apparently a server company which establishes connection between Asia to Australia and the US. The server of the game is located in Asia and I live in Australia, could it be that its just a false message? The company isnt an ISP so I think it has something to do with it.

    Additionally, Ive noticed that I get the message only when I run as administrator, which is sort of strange. When I checked in google, the game company really does have a contract with Akamai, which supposedly reduces lag to other gamers around the world.

    I think its just a false positive or something. Everything seems completely legit.
     
  9. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
  10. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Akamai is safe.

    Akamai is a huge provider of server power etc.. for many many IT companies around the world: -http://www.akamai.com/html/customers/customer_list.html

    For example, when I updated Safari the other day I used Server Capacity hosted at Akamai.
     
    Last edited: Apr 20, 2011
  11. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    Whats a good website for checking out the IP address (Corporation name, location, stuff like that) So I can make sure its Akamai and not something else?
     
  12. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,956
    Location:
    U.S.A.
    satasonic, perhaps this one: http://whois.domaintools.com.
     
  13. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    The IP belongs to Akamai. So if its safe, its just a false positive, right?
     
  14. satasonic

    satasonic Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    51
    Does anyone know?
     
  15. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    As you say it is Akamai and it is safe.
     
  16. stratoc

    stratoc Guest

    I get two of these everytime i reboot my router for the firmware update...
     
Thread Status:
Not open for further replies.