How to Detect Ping Sweep
A ping sweep is not overly difficult to detect. It's a simple type of network probe where a machine sends out ping requests to all the members of a network, seeing which ones respond. The sweep is used to determine which machines are active, at which point the attacker can then refocus into breaking into one of them. Ping sweeps are also used by system administrators to diagnose their own networks, so there are legitimate reasons for them. You'll need networking monitoring software in order to detect a ping sweep.
Other People Are Reading
Instructions
-
-
1
Connect to your network.
-
2
Start your network monitor software and have it monitor your network connection. See Resources for a couple of examples of network monitoring software, including an open source, free version.
-
-
3
Filter out all packets except "ICMP." This is the protocol used for pings. You will now see various traffic from different machines on your network. Look for a system that is sending out numerous ICMP packets to different machines. This is the machine conducting the ping sweep, looking for network vulnerabilities.
-
1
