Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Wireless Networking > Wireless Internet > ICMP traffic

Reply
Thread Tools Display Modes

ICMP traffic

 
 
Chip Orange
Guest
Posts: n/a

 
      06-30-2003, 11:13 PM
I have recently added the MS MN 500 WAP and now my Mcafee firewall is
warning me about ICMP traffic (which it says it designed to transmit
performance data). Is this legit traffic between my pc and the WAP, or is
this some sort of hack attempt?

Thanks.

Chip
 
Reply With Quote
 
 
 
 
Duane Arnold
Guest
Posts: n/a

 
      07-01-2003, 12:29 AM
> Mcafee firewall is warning me about ICMP traffic

> Is this legit traffic between my pc and the WAP, or is this some sort of
hack attempt?


ICMP is ECHO traffic being sent to an ip/machine or IP/network with machines
to get the machine(s) to respond to the ECHO request. This is everyday
background noise on the Internet that should be *blocked*, if the router
has a Stateful Packet Inspection firewall component, or the FW on the host
machine is a packet filtering firewall.

In other words a machine should not be allowed to reply.

Apparently, Mcafee is preventing this from happening, which is a good thing.

You can search Google for further info on ICMP attacks.

HTH

Duane

--
The protection of the machine is a process and not a given!
 
Reply With Quote
 
Tim S. Knight
Guest
Posts: n/a

 
      07-01-2003, 06:37 AM
"Duane Arnold" <(E-Mail Removed)> threatened to throw the computer out
the window and got it to send news:9C4Ma.2013$Xm3.775@sccrnsc02

>> Mcafee firewall is warning me about ICMP traffic
>
>> Is this legit traffic between my pc and the WAP, or is this some sort
>> of
> hack attempt?
>
>
> ICMP is ECHO traffic being sent to an ip/machine or IP/network with
> machines to get the machine(s) to respond to the ECHO request. This is
> everyday background noise on the Internet that should be *blocked*,
> if the router has a Stateful Packet Inspection firewall component, or
> the FW on the host machine is a packet filtering firewall.
>
> In other words a machine should not be allowed to reply.
>
> Apparently, Mcafee is preventing this from happening, which is a good
> thing.
>
> You can search Google for further info on ICMP attacks.
>
> HTH
>

ICMP echo is not the only type of ICMP. There are other kinds of ICMP
that should not be blocked, the most important of these being
"Fragmentation needed but DF (don't fragment) bit set" (type three, code
four.) Important things like Path MTU Discovery break when that is
blocked.
 
Reply With Quote
 
 
 
Reply

« Strange 802.11b problem | No more internet connection after installing 54g card »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Should traffic control root qdisc & child class limit traffic? Washington Ratso Linux Networking 1 02-25-2011 06:48 PM
Ok to let all ICMP traffic through firewall? Franklin Broadband 72 01-07-2006 04:11 PM
ICMP packets on IP 172.30.166.36:137 Kaptain Krunch Network Routers 1 09-26-2004 05:44 PM
TCP/IP and ICMP filtering George Valkov Windows Networking 2 04-05-2004 07:39 PM
Tunnel ICMP? Davey SM4 Linux Networking 6 02-07-2004 08:10 AM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11