Jump to content

Eset + Skype = Detected covert channel exploit in ICMP packet

Recommended Posts



Since April 15, I regulary have detections by ESET Endpoint Security (v6.3 and v6.4): "Detected covert channel exploit in ICMP packet" (In french: Intrusion d'un canal dissimulé dans un paquet ICMP détectée).


I had trouble understanding where it came from, and in fact, every time the IP specified relate to Skype contacts with whom I talk.


Is it really an exploit or a false positive?


Thank you in advance for your answer.




PS : Sorry for my bad english...

Link to comment
Share on other sites

  • Administrators

Some applications may send some data via the ICMP protocol which is not common and this is detected by ESS. It doesn't mean that the communication is malicious, it's just suspicious. The data should be visible in a pcap log created by Wireshark so you can create one and send it to me via a personal message or upload it to a safe location and pm me the download link.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...