mortenoc 0 Posted May 20, 2017 Share Posted May 20, 2017 Hi. I have recently had a series of warnings from my ESET software about a computer executing af ICMP flood attack on my PC. The attacking computer turns out to be my own local home network router. Should I be worried? Is my router conpromised or infected? What action should I take? Best regards Morten Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted May 20, 2017 Administrators Share Posted May 20, 2017 You can exclude your router's IP address from IDS detection of that particular attack. Link to comment Share on other sites More sharing options...
mortenoc 0 Posted May 20, 2017 Author Share Posted May 20, 2017 So there is nothing to worry about then? Link to comment Share on other sites More sharing options...
Scupper 1 Posted May 25, 2017 Share Posted May 25, 2017 I have the same issue. It is hard to imagine that there aren't literally millions of home networks with a modem registered as 192.168.1.1. I have a Netgear R7000 running the latest firmware and default settings. What exactly is EIS detecting in this "ICMP flood"? and if you exclude your modem, what happens if the day comes it in fact becomes compromised? I consider this false positive a security risk. Link to comment Share on other sites More sharing options...
Recommended Posts