Hello All,
We have an rb1200 v5.26.
My company has have been under constant attack for the last week and we have been successful in identifying and blocking the offending ip's. But recently we have noticed about 330-200 KB's of ICMP traffic being transmitted from our Wan port to some chinese IP.
I torched all other lan ports and found only a couple of bytes of ICMP traffic, all local ICMP traffic did not add up to what we see on wan.
So, it would seem that the ICMP traffic is originating from our router.
My question is this. How is this possible and how can we stop it?
Thanks in advance....