all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Tips on hunting down ICMP exfiltration from Windows 10.

Add to bookmarks
Jan. 30, 2022, 9:18 p.m. | /u/96Retribution

cybersecurity www.reddit.com

Have a Windows 10 PC that appears to be conducting ICMP exfiltration based on pfsense logs. Sending multiple consecutive ICMP packets to know bad recipients. MS Network Monitor does not display a process name. Neither NM nor wireshark give any meaningful payload data (assuming it is encrypted). Norton power eraser says nothing found, but no surprise there as they suck. Malwarebytes says the same.

My strong preference would be NOT to wipe the machine and start over but rather ferret …

cybersecurity down exfiltration hunting icmp tips windows windows 10

Visit resource

More from www.reddit.com / cybersecurity

Got a job as a Information Security Engineer; any book recs? 12 hours ago | www.reddit.com
book books ccsp certification +13
Any CCISO holders that can offer insight into the exam? 13 hours ago | www.reddit.com
admin can compliance council +18
Penetration testing report 14 hours ago | www.reddit.com
app cybersecurity penetration penetration testing +2
UCF wins the National Collegiate Cyber Defense Competition 14 hours ago | www.reddit.com
competition cyber cyber defense cybersecurity +4
Composition of roles in a security team 16 hours ago | www.reddit.com
cybersecurity endpoint grc interest +12
What are your top 5 questions to ask before hiring a Managed Security Service Provider … 19 hours ago | www.reddit.com
alignment ask capabilities communication +22
How much knowledge do you guys know about the industry that you work in? 20 hours ago | www.reddit.com
banking cybersecurity etc gas +8
Cisco reveals zero-day attacks used by hackers to attack government networks in major threat campaign 21 hours ago | www.reddit.com
attack attacks campaign cisco +7
Any Fortune 100 company go all in on Microsoft E5 Security Suite? 1 day, 7 hours ago | www.reddit.com
all in cybersecurity defender defenders +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs