thousands of ICMP requests on sonicwall Pro 2040

mrjking2000 used Ask the Experts™
Hi everyone,

Have a quick question, I have dug around a bit and not really come up with anything.  I have a customer who is getting hammered by the same IP address which resolves back to  Seems to be an ICMP packet.

I don't think this is legitimate traffic coming into their office, but then again the IP never changes.  Below is the log just continually repeats itself for pages.

10/15/2010 22:32:55.656 -       ICMP packet dropped -, 8, WAN -       (my customer IP), 0, WAN -       ICMP Type:   8, Code:   0

Anyone know what this is?  Should it be allowed to pass through?  All the other customers with pro 2040 firewalls don't have this traffic.

Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Sounds like a ping flood:

Your firewall is doing right by dropping the packets. If I were you, I'd make sure all traffic is blocked to and from, 8 and would also alert that suspicious traffic is originating from one of their boxes.


they have been contacted, an auto response was received.

If you are reporting unusual probing activity, scanning, or any other
suspicious activity (aka: hacking) originating from any IP address on
our network, please provide a copy of your firewall log indicating
the IP address, date, time, time zone, and the type of attack/probe.
Please be assured that we do investigate each report and that we will
take the appropriate actions required.

Thanks for the help, I was wondering if this was an attack or just some program trying to talk to the network.  Judging by the fact they are only trying to access the wan side...well most likely an attack.

If I get a response from tellurian (they said I may not) I'll post it.


Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial