Что за вирус? Сплошной icmp redirect

Corsair · 2011-09-20 11:42:20

В последнее время tсpdump-ом ловлю следующее. Может кто встречался с таким вирусом? Как найти источник?

14:37:16.386219 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.8.11 to host 192.168.8.11, length 36
14:37:16.584515 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:16.650221 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.33 to host 192.168.1.33, length 36
14:37:17.051985 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.102 to host 192.168.0.102, length 36
14:37:17.056246 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:17.105307 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:17.920416 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:18.014189 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.100 to host 192.168.1.100, length 36
14:37:18.212656 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:18.476415 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.47 to host 192.168.1.47, length 36
14:37:18.549514 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.4 to host 192.168.1.4, length 36
14:37:19.062549 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:19.259602 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:19.286526 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:19.326580 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.5.35 to host 192.168.5.35, length 36
14:37:19.921943 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:20.212107 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:20.409068 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.10.33 to host 192.168.10.33, length 36
14:37:20.469805 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.47 to host 192.168.1.47, length 36
14:37:20.551796 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.4 to host 192.168.1.4, length 36
14:37:20.672260 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:20.817864 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.12 to host 192.168.1.12, length 36
14:37:21.060082 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:21.279814 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:21.293908 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.101 to host 192.168.0.101, length 36
14:37:21.925766 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:22.209242 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:22.497942 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.10.33 to host 192.168.10.33, length 36
14:37:22.554117 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.47 to host 192.168.1.47, length 36
14:37:22.615060 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.4 to host 192.168.1.4, length 36
14:37:22.670968 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.0.100 to host 192.168.0.100, length 36
14:37:22.857462 IP 192.168.3.1 > 192.168.3.32: ICMP redirect 192.168.1.12 to host 192.168.1.12, length 36

Увійти

Что за вирус? Сплошной icmp redirect

Рекомендованные сообщения

Corsair 4

Ссылка на сообщение

Поделиться на других сайтах

Создайте аккаунт или войдите в него для комментирования

Создать аккаунт

Вхід

Зараз на сторінці 0 користувачів

Спільнота

Активність