More info on covert channel exploit in ICMP packet

Discussion in 'ESET Smart Security' started by Tomm, Apr 15, 2013.

Thread Status:
Not open for further replies.
  1. Tomm

    Tomm Registered Member

    Joined:
    Aug 16, 2004
    Posts:
    1
    I just ran PingPlotter Freeware to look at packet loss & delays, and got a firewall warning from Eset Smart Security (Ver 5.2.9.1)

    "Detected covert channel exploit in ICMP packet"

    The message is inexplicit & doesn't give enough info.
    • I can kind of guess that this suggests info might be being smuggled off my PC to - where - ? would it go to the ping target, or could it be set up with a spoof return address or the like to go somewhere else.
    • Should I worry about it ?
    • Should I stop using the app ?
    • What exactly was in the covert channel, and if it was magically being sent off somewhere, where was it going ?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If disabling ICMP protocol checking in the IDS setup help, leave it disabled. This won't compromise your security in any way.
     
Thread Status:
Not open for further replies.