LOL!
I believe that the question should be: Why are you pinging me? Tell me what
admin who sees thousands of ping from one host does not investigation the
nature? Do mean to say that if you were to log thousands of pings, you would
ignore them?
Also many ping attacks start with harmless ping probes.
Marc
LOL!
I believe that the question should be: Why are you pinging me? Tell me what
admin who sees thousands of ping from one host does not investigation the
nature? Do mean to say that if you were to log thousands of pings, you would
ignore them?Also many ping attacks start with harmless ping probes.
The example you gave noted 2400 ICMP echo requests in a three hour
period. On most systems I have worked with, the standard ping utility
sends ICMP echo requests at a rate of one per second. This is 3600 echo
requests per hour, 10800 in a three hour period.
In my experience, is fairly common place to leave ping running for
extended periods of time to observe network performance and detect
intermittent problems.
I would think this number of echo requests from a single host in such a
timeframe is hardly abnormal, and I could care less.
Should I receive 10800 echo requests in less than a minute I could become
concerned, depending on the popularity of the system in question.