We noticed in our Data Transmission Network, that our B2C and B2B clients are sending "IGMP Join" messages to some of ip adresses from 126.96.36.199/16 network. It looks like flood. This affects operation of television services in our network, because igmp snooping tables on our switches are overflowing. We have determined that the software using igmp messages is Kaspersky Security Center Network Agent.
Would you be willing to talk to us:
- we noticed this activity about a month ago, did you change something?
- is it a legitimate activity?
- why is your software are sending this messages to multicast ip addresses?
We consider this app activity undesirable and harmful.