[FUG-BR] Mensagens de ICMP
Vinicius Zavam
egypcio em secrel.com.br
Qui Fev 2 16:27:49 BRST 2006
em linux,
poderia ter ligacao com o tamanho da conntrack
e qqr solicitacao ping retornaria tempo excedido
------------------- reply ---------------
> From: ademir em tellecom.com.br
> To: Freebsd em fug.com.br
> Subject: [FUG-BR] Mensagens de ICMP
> Date: 2006-02-02 09:50:17
> ----------------------------------
> Prezados,
>
> Quando uso um tcpdump -n icmp recebo esse retorno abaixo. O que pode
> ser?
> Virus? Ataques DoS?
>
>
>
>
>
>
> 09:43:10.608708 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:10.696727 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:10.749282 IP 200.216.137.219 > 192.168.0.17: icmp 36: host 200.149.71
> 96 unreachable
> 09:43:10.905689 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:11.675079 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:11.738560 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:12.077517 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:12.652459 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:12.899489 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:13.175427 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:13.224105 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:13.944224 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:14.185717 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:14.236215 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:15.147459 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:15.809940 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:16.087897 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:16.124814 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:17.021756 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:17.095507 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:17.208730 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:18.263573 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:18.303561 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:18.381342 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:19.350405 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:19.471750 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:20.667038 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:20.667258 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:21.667827 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:22.707457 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:23.808854 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:24.215019 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 42254 unreachable
> 09:43:24.217813 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54498 unreachable
> 09:43:24.225201 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54499 unreachable
> 09:43:24.239339 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54500 unreachable
> 09:43:24.241174 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54501 unreachable
> 09:43:24.446637 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 42254 unreachable
> 09:43:24.457354 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54498 unreachable
> 09:43:24.463430 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54500 unreachable
> 09:43:24.469541 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54501 unreachable
> 09:43:24.625433 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 42254 unreachable
> 09:43:24.627102 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54498 unreachable
> 09:43:24.631124 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54499 unreachable
> 09:43:24.635713 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54500 unreachable
> 09:43:24.644409 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54501 unreachable
> 09:43:24.664237 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54709 unreachable
> 09:43:24.664649 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54710 unreachable
> 09:43:24.665026 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54711 unreachable
> 09:43:24.665439 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54712 unreachable
> 09:43:24.670950 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54713 unreachable
> 09:43:24.674424 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54714 unreachable
> 09:43:24.683001 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54715 unreachable
> 09:43:24.687144 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54716 unreachable
> 09:43:24.691457 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54717 unreachable
> 09:43:24.695380 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54718 unreachable
> 09:43:24.700373 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54719 unreachable
> 09:43:24.705781 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54720 unreachable
> 09:43:24.710924 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54721 unreachable
> 09:43:24.716120 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54722 unreachable
> 09:43:24.721490 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54723 unreachable
> 09:43:24.727035 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54708 unreachable
> 09:43:24.913950 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:25.436541 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 42254 unreachable
> 09:43:25.448418 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54498 unreachable
> 09:43:25.449171 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54499 unreachable
> 09:43:25.456974 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54500 unreachable
> 09:43:25.457873 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54501 unreachable
> 09:43:25.463105 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54709 unreachable
> 09:43:25.468115 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54710 unreachable
> 09:43:25.473876 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54711 unreachable
> 09:43:25.478467 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54712 unreachable
> 09:43:25.484202 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54713 unreachable
> 09:43:25.488949 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54714 unreachable
> 09:43:25.494272 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54715 unreachable
> 09:43:25.499488 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54716 unreachable
> 09:43:25.507176 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54717 unreachable
> 09:43:25.512391 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54718 unreachable
> 09:43:25.517350 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54719 unreachable
> 09:43:25.522861 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54720 unreachable
> 09:43:25.528294 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54721 unreachable
> 09:43:25.537029 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54722 unreachable
> 09:43:25.538840 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54723 unreachable
> 09:43:25.549404 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54708 unreachable
> 09:43:25.989764 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:26.440319 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:26.482316 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:26.920120 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:27.196026 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 42254 unreachable
> 09:43:27.201000 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54498 unreachable
> 09:43:27.206826 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54499 unreachable
> 09:43:27.212166 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54500 unreachable
> 09:43:27.216657 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54501 unreachable
> 09:43:27.221770 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54709 unreachable
> 09:43:27.231341 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54710 unreachable
> 09:43:27.235733 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54711 unreachable
> 09:43:27.240708 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54712 unreachable
> 09:43:27.245280 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54713 unreachable
> 09:43:27.251252 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54714 unreachable
> 09:43:27.255953 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54715 unreachable
> 09:43:27.261072 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54716 unreachable
> 09:43:27.266749 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54717 unreachable
> 09:43:27.272012 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54718 unreachable
> 09:43:27.277176 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54719 unreachable
> 09:43:27.283073 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54720 unreachable
> 09:43:27.288718 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54721 unreachable
> 09:43:27.292657 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54722 unreachable
> 09:43:27.298731 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54723 unreachable
> 09:43:27.303044 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54708 unreachable
> 09:43:27.654845 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:27.791116 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:28.298719 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:28.358112 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:29.042927 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:29.121897 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:29.474859 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:29.745601 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:30.269739 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:30.317679 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 42254 unreachable
> 09:43:30.330893 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54498 unreachable
> 09:43:30.337093 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54499 unreachable
> 09:43:30.337361 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54500 unreachable
> 09:43:30.354778 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54501 unreachable
> 09:43:30.367426 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54709 unreachable
> 09:43:30.375283 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54710 unreachable
> 09:43:30.375496 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54711 unreachable
> 09:43:30.375691 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54712 unreachable
> 09:43:30.376075 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54713 unreachable
> 09:43:30.376355 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54714 unreachable
> 09:43:30.376553 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54715 unreachable
> 09:43:30.394399 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54716 unreachable
> 09:43:30.400480 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54717 unreachable
> 09:43:30.405411 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54718 unreachable
> 09:43:30.410851 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54719 unreachable
> 09:43:30.411223 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54720 unreachable
> 09:43:30.411422 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54721 unreachable
> 09:43:30.411834 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54722 unreachable
> 09:43:30.412215 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54723 unreachable
> 09:43:30.437776 IP 201.8.227.182 > 192.168.0.15: icmp 36: 201.8.227.182 udp
> port 54708 unreachable
> 09:43:30.660432 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:30.980827 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:31.208435 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:31.842496 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:32.096492 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:32.436460 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:32.972329 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:33.286132 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:33.525271 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:33.882655 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:34.414107 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:34.552086 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:34.781825 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:35.383311 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:35.768902 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:35.957875 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:36.314240 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:36.876424 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:37.577626 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:37.904233 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:38.112546 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:38.215466 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded
> in-transit
> 09:43:38.779442 IP 200.254.103.29 > 192.168.0.16: icmp 36: time exceeded
> in-transit
> 09:43:39.149457 IP 200.254.103.29 > 192.168.0.17: icmp 36: time exceeded in-transit
>
> _______________________________________________
> Freebsd mailing list
> Freebsd em fug.com.br
> http://mail.fug.com.br/mailman/listinfo/freebsd_fug.com.br
>
_______________________________________________
Freebsd mailing list
Freebsd em fug.com.br
http://mail.fug.com.br/mailman/listinfo/freebsd_fug.com.br
Mais detalhes sobre a lista de discussão freebsd