Sir, recently we have been bombarded with pings with the return address of 0000. Luckily our Zone Alarm has caught all (we hope)of these pings. Would you have any idea how, or where these could be coming from -- or, more importantly, how to stop this? No one we have spoken to has heard of this one. Sometimes we get 100 of these in one day. Thank you in advance. I used Zone Alarm until about a year ago, but unfortunately I don't remember...
enough about it to interpret the messages it's giving you. I can't think of any reasonable explanation for ICMP/PING packets not to have a source address.
I wish I knew what type of network you're connected to. Routers shouldn't forward packets without a source address, so there's a good chance that it's coming from your local area network. If it is coming from your LAN, you can inspect the MAC address of the frame to determine which network card is generating it (assuming that, too, hasn't been blocked). If you don't have a list of the MAC addresses of systems on your LAN, you can check a given system by running "IPCONFIG -all" from a command prompt and looking for the Physical Address. That will work for most versions of Windows.
I have to wonder why you want to stop it? 100 datagrams per day certainly doesn't constitute a denial-of-service attack, and ICMP datagrams aren't generally used for more sophisticated attacks.
Dig Deeper on Enterprise Infrastructure Management
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.