traceroute intrusion detected

Forum|Forum|9 years ago
May 25, 2017
1 reply
6416 views

i have some windows 10 client getting the following traceroute intrusion.

what should i do ?

or i can just ignore them since the threat level is low.

destination is some site in microsoft.com

traceroute.jpg

kinmunAuthor

New Member

how do i prevent/block these 2 clients from doing the traceroute/icmp "attacks" ?

i have already create a rule to block traceroute and icmp for these 2 clients.

kinmunAuthor

New Member

its says related to CVE-1999-0525.

traceroute packet.

is it really harmless

kurtli_FTNT

Staff

Hi there,

According to the fortiguard/IPS, this is a low level problem. So if you've setup a rule on FGT to block these 2 PCs traceroute, then this information gathering stopped. If this problem happens constantly, for the root cause, you probably need to dig into these two windows to find out which process/daemon or even malware is sending out this probe. Suggest to download a forticlient to scan the entire computer to see if anything wrong.

Thanks

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded