Eset + Skype = Detected covert channel exploit in ICMP packet

[E-Concept Applications 0]

Hello,

 

Since April 15, I regulary have detections by ESET Endpoint Security (v6.3 and v6.4): "Detected covert channel exploit in ICMP packet" (In french: Intrusion d'un canal dissimulé dans un paquet ICMP détectée).

 

I had trouble understanding where it came from, and in fact, every time the IP specified relate to Skype contacts with whom I talk.

 

Is it really an exploit or a false positive?

 

Thank you in advance for your answer.

 

David

 

PS : Sorry for my bad english...

[Marcos 5,074]

Some applications may send some data via the ICMP protocol which is not common and this is detected by ESS. It doesn't mean that the communication is malicious, it's just suspicious. The data should be visible in a pcap log created by Wireshark so you can create one and send it to me via a personal message or upload it to a safe location and pm me the download link.