ICMP Tunneling Detection

####Bundle Details & Download

https://www.extrahop.com/customers/community/bundles/changhwanoh/icmp-tunneling-detection/

####Description

This bundle detects HTTP, SSH, FTP, and SMB traffic tunneled over unencrypted ICMP messages. Attackers can compromise machines through ICMP tunneling by encapsulating traffic in an ICMP echo request to evade firewall rules and obfuscate data.