• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Help on understanding this firewall message

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Firewalls // Intrusion Detection - External Security

View previous topic :: View next topic  
Author Message
cingo
Just Arrived
Just Arrived


Joined: 01 Nov 2009
Posts: 0


Offline

PostPosted: Sun Nov 01, 2009 8:56 am    Post subject: Help on understanding this firewall message Reply with quote

Hi,

Can anyone help me understand this message? I am using the trial Symantec Endpoint Protection 11.00
I think someone is trying a different intrusion approach???

Code:


File Version: 
File Description:  ntoskrnl.exe
File Path:  C:\WINDOWS\system32\ntoskrnl.exe
Digital Signature: 
Process ID:  0x4 (Hexadecimal) 4 (Decimal)

Connection origin:   remote initiated
Protocol:      ICMP
Local Address:    224.0.0.1
ICMP Type:      8 (Echo Request)
ICMP Code:       0
Remote Name:         
Remote Address:   124.xxx.xxx.xxx

Ethernet packet details:
Ethernet II (Packet Length: 74)
   Destination:  MAC_ID
   Source:  MAC_ID
Type: IP (0x0800)
Internet Protocol
   Version: 4
   Header Length: 20 bytes
   Flags:
      .0.. = Don't fragment: Not set
      ..0. = More fragments: Not set
   Fragment offset:0
   Time to live: 128
   Protocol: 0x1 (ICMP - Internet Control Message Protocol)
   Header checksum: 0xd8d3 (Correct)
   Source: 124.XXX.XXX.XXX
   Destination: 224.0.0.1
Internet Control Message Protocol
   Type: 8 (Echo Request)
   Code: 0
   Data (36 bytes)

Binary dump of the packet:
0000:  01 00 5E 00 00 01 00 23 : AE 25 42 A4 08 00 45 00 | ..^....#.%B...E.
0010:  00 3C AF 9E 00 00 80 01 : D3 D8 7C 7D 5A CB E0 00 | .<........|}Z...
0020:  00 01 08 00 2D DE 00 01 : 0A 90 42 69 74 44 65 66 | ....-.....BitDef
0030:  65 6E 64 65 72 20 46 69 : 72 65 77 61 6C 6C 20 42 | ender Firewall B
0040:  72 6F 61 64 63 61 73 74 : 00 00                   | roadcast..     
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Firewalls // Intrusion Detection - External Security All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register