What can you infer from this information?

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

A.
13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

B.
ICMP ID and Seq numbers were most likely set by a tool and not by the operating system

C.
All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number

D.
The packets were sent by a worm spoofing the IP addresses of 47 infected sites



Leave a Reply 2

Your email address will not be published. Required fields are marked *


mr_tienvu

mr_tienvu

I choose B

Ghost Man

Ghost Man

D is the And