Random people pinging your computer...

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • eccerr0r
    Solder Sloth
    • Nov 2012
    • 8687
    • USA

    #1

    Random people pinging your computer...

    I do have a website but it's not for general use. Definitely not doing any e-commerce, and at most it's just general computer information if it has any value at all.

    However I noticed that people are sending ping requests to my computer, constantly. In fact I get around 8000 individual ICMP echo requests a day though each IP sending them send multiple packets.

    I set my computer to stop replying to them to see if it would stop. Nope.

    What value is there is to sending these if I don't respond to them? Anyone have similar data?

    Just curious of what people think of these and why one would send these to a random not so useful machine...

    (For now I'm ignoring all other internet sourced oddities like privilege escalation and resource commandeering. If you wish to comment about these, sure, just make sure you're saying what kind of packet. I'm more curious about ping packets which as far as I know has no value to other people, they could just HTTP my machine to know it's up!)
  • petehall347
    Badcaps Legend
    • Jan 2015
    • 4425
    • United Kingdom

    #2
    Re: Random people pinging your computer...

    maybe your IP address is very similar to a major one and mistakes are being made .like getting lots of phone calls from random people .
    if you run something like etherape you could see where its coming from

    Comment

    • Topcat
      The Boss Stooge
      • Oct 2003
      • 16956
      • United States

      #3
      Re: Random people pinging your computer...

      If there's a domain name pointing at it, thats why all the pings.
      <--- Badcaps.net Founder

      Badcaps.net Services:

      Motherboard Repair Services

      ----------------------------------------------
      Badcaps.net Forum Members Folding Team
      http://folding.stanford.edu/
      Team : 49813
      Join in!!
      Team Stats

      Comment

      • Curious.George
        Badcaps Legend
        • Nov 2011
        • 2305
        • Unknown

        #4
        Re: Random people pinging your computer...

        Originally posted by eccerr0r
        I do have a website but it's not for general use. Definitely not doing any e-commerce, and at most it's just general computer information if it has any value at all.
        A "random person" (your words) wouldn't know WHAT your computer may/may not have on it.

        Just curious of what people think of these and why one would send these to a random not so useful machine...
        EVERY machine has value -- and some have potentially MORE value than others! Maybe you've left "precious" information on the machine that could be of value to a "random person".

        (For now I'm ignoring all other internet sourced oddities like privilege escalation and resource commandeering. If you wish to comment about these, sure, just make sure you're saying what kind of packet. I'm more curious about ping packets which as far as I know has no value to other people, they could just HTTP my machine to know it's up!)
        Because ICMP is "supposed" to be recognized by all machines; there's no guarantee that a "random machine" (i.e., yours) will respond to an HTTP request to 80. So, if you know nothing about a "random machine", the best place to start is with a ping.

        Note that you can glean a lot from how a machine responds to various different probes -- including identifying the OS that's running on it!

        Your IP address "leaks" with each online action you take. Visit BCN and your IP address is captured by its web server. Send mail and your originating IP is captured by any machine that sees your to/fro messages. Every router that handles your packets knows about you. etc.

        Even hiding behind single/double NAT doesn't hide the fact that you "exist".

        Comment

        • eccerr0r
          Solder Sloth
          • Nov 2012
          • 8687
          • USA

          #5
          Re: Random people pinging your computer...

          Originally posted by Topcat
          If there's a domain name pointing at it, thats why all the pings.
          But what's the value of such to others? Heck why would someone be pinging my machine if my domain name happens to be a typo of another popular site - they should be HTTPing it not pinging it.

          And why would they keep doing so, especially after I stopped responding to all pings? Now if they want to know if my machine is up, all they need to do is HTTP my machine but they don't. Do they think they can stealth detect if my machine is up by sending pings?

          I can see that they can hold value if they commandeer my machine via ssh or whatnot, but not ping. If they want to fingerprint my machine, hell I clearly write what OS I use on my HTTP site!

          Comment

          • Topcat
            The Boss Stooge
            • Oct 2003
            • 16956
            • United States

            #6
            Re: Random people pinging your computer...

            If it's a lot of off-shore pinging (usually Russia, China, India), they're typically looking for weak servers to take control of for various exploits. For example, back in the day, the main thing they looked for were weak email servers for spamming purposes....if they could find a weak server that they could SMTP from, all of a sudden it would start sending 100's of thousands of emails a day...usually until someone reported it to the ISP and the ISP killed the IP...

            When I say 'weak server', a server with weak passwords that brute force attacks could hash out....or port exploits to server services that should normally be closed....such as SSH on port 22 with a weak root password....you can imagine what that could lead to.
            <--- Badcaps.net Founder

            Badcaps.net Services:

            Motherboard Repair Services

            ----------------------------------------------
            Badcaps.net Forum Members Folding Team
            http://folding.stanford.edu/
            Team : 49813
            Join in!!
            Team Stats

            Comment

            • eccerr0r
              Solder Sloth
              • Nov 2012
              • 8687
              • USA

              #7
              Re: Random people pinging your computer...

              Again, this is disjoint from SSH. If they want to ssh, they should go ahead and ssh - the ssh SYNACK will automatically tell if my machine is up or not.

              So... why ping specifically?

              Comment

              • Topcat
                The Boss Stooge
                • Oct 2003
                • 16956
                • United States

                #8
                Re: Random people pinging your computer...

                Originally posted by eccerr0r
                Again, this is disjoint from SSH. If they want to ssh, they should go ahead and ssh - the ssh SYNACK will automatically tell if my machine is up or not.

                So... why ping specifically?
                probably to see if anyone is home before they try to pick the lock.
                <--- Badcaps.net Founder

                Badcaps.net Services:

                Motherboard Repair Services

                ----------------------------------------------
                Badcaps.net Forum Members Folding Team
                http://folding.stanford.edu/
                Team : 49813
                Join in!!
                Team Stats

                Comment

                • eccerr0r
                  Solder Sloth
                  • Nov 2012
                  • 8687
                  • USA

                  #9
                  Re: Random people pinging your computer...

                  Well, I set my machine to stop responding to the pings, but still get the ssh attempts. Would seem somewhat redundant to ping the machine since one can tell the machine is up/someone home by getting the SYNACK anyway, and one would need to get the SYNACK in order to even think about picking the lock.

                  If they don't get the SYNACK there's no point in picking the lock because there is no lock to be picked!

                  Comment

                  • stj
                    Great Sage 齊天大聖
                    • Dec 2009
                    • 30956
                    • Albion

                    #10
                    Re: Random people pinging your computer...

                    there are a lot of search engines out there.
                    some regular, some specialised - looking for IOT or cameras, some government.
                    they will try to index your site regularly.

                    Comment

                    • eccerr0r
                      Solder Sloth
                      • Nov 2012
                      • 8687
                      • USA

                      #11
                      Re: Random people pinging your computer...

                      searching for... random hosts that respond? If they're searching for webservers, they should connect HTTP to my machine. But ping, other than maybe fingerprinting, what are they trying to get, a list of machines? Again, a single SYNACK will tell both the machine is up and whether a service is listening.

                      Maybe they think it's impossible to log pings, or perhaps they assume that people don't log pings?

                      So far I found like 3 machines sending me a ping every 10 minutes. There are maybe 20 machines sending me a ping every 40-50 minutes. And there are more that I haven't quite figured out their frequency.

                      Comment

                      • tester272001
                        Senior Member
                        • Apr 2011
                        • 91
                        • USA

                        #12
                        Re: Random people pinging your computer...

                        in general PING is the easiest way for hackers to see if an IP address is ALIVE. Once it it it can be logged and saved for later exploitation. Heck the list might even get sold on the dark web. it would save other hackers from having to do the legwork of what is alive out there! Then there are lgeitimate crawlers that do the same thing. Look for IP and then test for HTTP or other protocols.

                        Comment

                        • eccerr0r
                          Solder Sloth
                          • Nov 2012
                          • 8687
                          • USA

                          #13
                          Re: Random people pinging your computer...

                          Again what value is it especially when people filter ICMP, and a SYNACK response is more useful (since it tells the machine is up AND there's a possibly exploitable service responding)?

                          However I have found there are people pinging for fun just to tell what portion of the 32-bit address space is actually responding to ICMP PING just to do some pretty graphs of what's up and what's not up...

                          Comment

                          Related Topics

                          Collapse

                          • Prosatanosz
                            Asus B85M-GAMER no hdmi output and random restarts
                            by Prosatanosz
                            Hi!

                            Asus B85M-GAMER absolute no hdmi output (not at start, not at Windows), and random restarts. Everything work, except hdmi and random restarts after 0.1-3 min. Restarts even in bios. On VGA Windows boots up fast, games and apps starts ok. Mem, psu, cpu changed, no luck. I need shematic, because i think the restarts caused by the hdmi failure.
                            10-19-2024, 05:27 AM
                          • Dreigas
                            Asus TUF Gaming FX506LX laptop just stuck at random time
                            by Dreigas
                            Hi everyone,

                            I've got a problem with my Asus TUF Gaming FX506LX laptop. I bought it as a non-working unit it had been completely drenched in a sweet alcoholic drink and was left for a year... When I got it, the motherboard wasn't in terrible shape, but I had to clean a lot of areas—about 1/5 of the motherboard. There was some corrosion, but I managed to clean it up and re-soldered where I saw issues under a microscope.

                            One of the two primary MOSFETs was fried (PQ33 fried and PQ34 were fine), so while I was waiting for a replacement, I desoldered it and created a short....
                            07-27-2024, 05:58 AM
                          • theone111
                            Problem with LG Plasma 60PM6700 - Random power downs
                            by theone111
                            I have an LG Plasma TV 60PM6700 for the past ~12 years.

                            In the last ~3-4 months I have been having some issues.
                            1. Problem: It started with random picture disappearing (sound still worked).
                              Frequency: Happened about once a week.
                              Solution: Had to turn off TV wait a few seconds before turning it on again.
                            2. Problem: Then it got worse and the TV started to shut down and when turning on the no picture just sound.
                              Frequency: Happened about once a week.
                              Solution: Had to turn off TV wait about 10-20 seconds and turn it on again to solve.
                            3. Problem: TV shuts down
                            ...
                            07-22-2024, 10:36 AM
                          • alambrose
                            LG GRAM random bsod SOLVED
                            by alambrose
                            LG Gram 15Z980 picked up on Ebay for $200 (was sold as parts because no M2 drive and bios pw locked), but otherwise intact and working.

                            Threw a 500gb M2 in, and was able to install Windows. On Gram, Win activation is stored in the bios, so Windows was automatically activated. I still kept getting random bsod's. Also bought a pw and unlocked the bios.

                            Upgraded Windows to 11, still didn't solve the random & frequent bsod's. Cleaned & reseated all cables, RAM, etc... still getting frequent bsod's. Bought & installed a new stick of RAM, still getting frequent...
                            02-12-2023, 06:12 PM
                          • felix27
                            ideapad c340-15IWL random Blackscreen
                            by felix27
                            Hello,
                            I am trying to fix a ideapad c340-15IWL with random blackscreen crashes, after witch the system is completly unresponsive, even on an external monitor. The blackscreens accur completly random no matter the load put on the system. You can sometimes run cinebench succesfully only to have the system blackscreen five minutes later while doing nothing. I have already tried to resolder several chips and have resoldered all contacts of the dimm slot. I have also tried different ram, wifi-card and SSDs, with the same effect. I had another lenovo with a similar issue, which was resolved after...
                            03-08-2024, 04:01 PM
                          • Loading...
                          • No more items.
                          Working...