What can you infer from this information?

Posted by: Pdfprep Category: CPEH-001 Tags: , , Post Date: December 13, 2020

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.

77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0.

What can you infer from this information?
A . The packets were sent by a worm spoofing the IP addresses of 47 infected sites
B . ICMP ID and Seq numbers were most likely set by a tool and not by the operating system
C . All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number
D . 13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Answer: B

Author

Leave a Reply

Your email address will not be published.