Re: Ok to let all ICMP traffic through firewall?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Ok to let all ICMP traffic through firewall?

From: Art <null@zilch.com>
Date: Fri Sep 23 2005 - 20:26:33 CEST



On Fri, 23 Sep 2005 17:36:47 GMT, Leythos <void@nowhere.lan> wrote:



>> but what if an ISP or non ISP telephone computer tech is diagnosing a


>> non technical home user. The user doesn't have the ability to block


>> ICMP on only certain hosts. The homse user isn't running any services


>> either(may be behind a NAT device).  Ping is ideal in this instance.


>> what other option is there to see that he is online,. as a first step


>> in diagnosing the problem?


>


>Sorry, that's not a good reason. The ISP can see if the modem is on-


>line, and the ISP can see if there is a connection between the modem and 


>the NAT device or PC at the hardware level. You don't have to allow ping 


>for any testing/reason, there are always ways around it.



I'm curious  ....  how does the ISP know? 



In that vein, I noticed Sygate alerting on the kernel (I think it was)


calling out. Using the traffic log I found that the attempts were to


my ISP. Blocking the attempts has no effect on my internet activity,


as near as I can tell. I wonder what the purpose of this attempted


outbound might be. I don't use any software supplied by my ISP, so


it's not spyware (which some ISPs do use).



Art


  


http://home.epix.net/~artnpeg


Received on Thu Sep 29 20:10:31 2005