Jump to content

Eset + Skype = Detected covert channel exploit in ICMP packet


Recommended Posts

Hello,

 

Since April 15, I regulary have detections by ESET Endpoint Security (v6.3 and v6.4): "Detected covert channel exploit in ICMP packet" (In french: Intrusion d'un canal dissimulé dans un paquet ICMP détectée).

 

I had trouble understanding where it came from, and in fact, every time the IP specified relate to Skype contacts with whom I talk.

 

Is it really an exploit or a false positive?

 

Thank you in advance for your answer.

 

David

 

PS : Sorry for my bad english...

Link to post
Share on other sites
  • Administrators

Some applications may send some data via the ICMP protocol which is not common and this is detected by ESS. It doesn't mean that the communication is malicious, it's just suspicious. The data should be visible in a pcap log created by Wireshark so you can create one and send it to me via a personal message or upload it to a safe location and pm me the download link.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...