We installed some workstation packet filtering firewall software and found a large number of Internet Protocol 2 packets on the network. What are they used for, and is this a threat?The Internet Protocol 2 packets you see at the workstations are Internet Group Management Protocol (IGMP) packets coming from routers that keep track of memberships in multicast network groups.Multicast routers use IGMP to discover what groups have members on their networks. The routers send regular queries to the “all-systems” multi-cast address (224.0.0.1). Hosts that receive the queries reply with one “host membership report” response message for each group the host belongs to, unless they hear another host reply for that same group first.Multicast routers do not need to keep track of every host in every group, they only need to keep an accurate list of the active groups. If the router does not hear any member reports for a particular group within a pre-set timeout period, the router assumes there are no active group members and will not forward multi-cast group packets from remote domains for that group onto the local network. IGMP primarily is used on point-to-point connections between routers and hosts, and most likely does not represent a security threat to your workstations by itself. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe