Re: Questions about ICMP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Daniel B. Thurman wrote:
> Daniel B. Thurman wrote:
> 
>> Rick Stevens wrote:
>>> Sam Varshavchik wrote:
>>>> Daniel B. Thurman writes:
>>>>> Craig White wrote:
>>>>>
>>>>>> Sent: Wednesday, December 05, 2007 3:33 PM
>>>>>> To: For users of Fedora
>>>>>> Subject: Re: Questions about ICMP
>>>>>>
>>>>>>
>>>>>> On Wed, 2007-12-05 at 15:27 -0800, Daniel B. Thurman wrote:
>>>>>>> Should ICMP packets be allowed both over the
>>>>>>> Internet or should it be allowed to pass only in
>>>>>>> the local networks?
>>>>>>>
>>>>>>> I have a firewall appliance and trying to make sure
>>>>>>> that I am being secured properly.
>>>>>> ----
>>>>>> disabling icmp echo requests is a great feature for the 
>>> ultra-paranoid
>>>>> So... am I to read this as it is a good idea to disable all icmp
>>>>> requests?  I get a LOT of ICMP requests from the Internet probing
>>>>> at my ports, which are disabled.  This is a good idea?
>>>> As the man said: only if you're ultra-paranoid, and live in 
>>> a perpetual fear 
>>>> of Internet boogey-men.
>>> Hey, man, just because I'm paranoid doesn't mean they AIN'T out to
>>> get me!  :-)
>>>
>>> ----------------------------------------------------------------------
>>> - Rick Stevens, Principal Engineer             rstevens@xxxxxxxxxxxx -
>>> - CDN Systems, Internap, Inc.                http://www.internap.com -
>>> -                                                                    -
>>> -   "Do you suffer from long-term memory loss?"  "I don't remember"  -
>>> -                            -- Chumbawumba, "Amnesia" (TubThumping) -
>>> ----------------------------------------------------------------------
>>>
>>> -- 
>> The thing here, is that what I am actually seeing is a TON of
>> ggp(3) pokes to/from my Fedora box and others on the Internet
>> are seemingly using the same ggp back at my Fedora(v8) box.
>>
>> So, I guess it really isn't ICMP(1) - but rather it is GGP(3)
>> that seems to be flying around.  This protocol is blocked
>> completely by my firewall applicance by default.
>>
>> So, what IS this gpp(3) really?  My logs are just getting
>> filled with this blocked protocol message.
>>
>> Not a BIG deal I think, but wondered how I could prevent
>> this log message out of my log files.
>>
> 
> uh, I need to be clear here...
> 
> Here is what the log message says:
> 
> 12/05/2007 16:34:40.288	ICMP packet dropped	10.1.0.143, 3, LAN	192.128.167.77, 3, WAN
> ============================================================^===========================^
> So, it is an ICMP packet, but what is "3" ????

Type 3 is "Destination unreachable"


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux