Ping of death from my XP Pro workstation logged in Zyxel firewall reports
Posted on 2005-04-25
I have a Zyxel Prestige 660H ADSL NAT router/firewall, on a mixed workgroup network (3 XP Pro, 1 Win2k, 1 Redhat Linux 9 with Samba).
I get it to email me its attack logs, and I have been seeing a lot of the following since last Friday (22 April) ...
No. Time Source IP Destination IP Note
1|04/22/2005 17:21:51 |192.168.1.3 |18.104.22.168 |ATTACK
ping of death. ICMP(type:0, code:0)
2|04/22/2005 17:21:51 |192.168.1.3 |22.214.171.124 |ATTACK
ping of death. ICMP(type:8, code:0)
The destination IP has always been 126.96.36.199 or 188.8.131.52, and there have been 1 or 2 attacks per day. The source IP is always my main XP Pro machine. The destination IPs are in a big Internet gateway in London, two hops from my ISP.
I run NOD32 Anti-Virus here, always kept up to date, and it has not detected anything. I also run Ad-Aware, and it hasn't detected anything either.
Has anyone got an explanation of why these are occurring?