we are seeing an increase in inbound ICMP Flood traffic that closely correlates to when a MARS 20 server went live. The inbound ICMP traffic seems to match web sites that users are browsing to. Has anyone seen anything like this and/or has an explanation as to why this is happening? The inbound ICMP traffic was nowhere near the level it is now before the MARS server came up.
Thanks in advance! All replies rated