Re: Questions about ICMP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Daniel B. Thurman wrote:
> Daniel B. Thurman wrote:
> 
>> Rick Stevens wrote:
>>> Sam Varshavchik wrote:
>>>> Daniel B. Thurman writes:
>>>>> Craig White wrote:
>>>>>
>>>>>> Sent: Wednesday, December 05, 2007 3:33 PM
>>>>>> To: For users of Fedora
>>>>>> Subject: Re: Questions about ICMP
>>>>>>
>>>>>>
>>>>>> On Wed, 2007-12-05 at 15:27 -0800, Daniel B. Thurman wrote:
>>>>>>> Should ICMP packets be allowed both over the
>>>>>>> Internet or should it be allowed to pass only in
>>>>>>> the local networks?
>>>>>>>
>>>>>>> I have a firewall appliance and trying to make sure
>>>>>>> that I am being secured properly.
>>>>>> ----
>>>>>> disabling icmp echo requests is a great feature for the 
>>> ultra-paranoid
>>>>> So... am I to read this as it is a good idea to disable all icmp
>>>>> requests?  I get a LOT of ICMP requests from the Internet probing
>>>>> at my ports, which are disabled.  This is a good idea?
>>>> As the man said: only if you're ultra-paranoid, and live in 
>>> a perpetual fear 
>>>> of Internet boogey-men.
>>> Hey, man, just because I'm paranoid doesn't mean they AIN'T out to
>>> get me!  :-)
>>>
>>> ----------------------------------------------------------------------
>>> - Rick Stevens, Principal Engineer             rstevens@xxxxxxxxxxxx -
>>> - CDN Systems, Internap, Inc.                http://www.internap.com -
>>> -                                                                    -
>>> -   "Do you suffer from long-term memory loss?"  "I don't remember"  -
>>> -                            -- Chumbawumba, "Amnesia" (TubThumping) -
>>> ----------------------------------------------------------------------
>>>
>>> -- 
>> The thing here, is that what I am actually seeing is a TON of
>> ggp(3) pokes to/from my Fedora box and others on the Internet
>> are seemingly using the same ggp back at my Fedora(v8) box.
>>
>> So, I guess it really isn't ICMP(1) - but rather it is GGP(3)
>> that seems to be flying around.  This protocol is blocked
>> completely by my firewall applicance by default.
>>
>> So, what IS this gpp(3) really?  My logs are just getting
>> filled with this blocked protocol message.
>>
>> Not a BIG deal I think, but wondered how I could prevent
>> this log message out of my log files.
>>
> 
> uh, I need to be clear here...
> 
> Here is what the log message says:
> 
> 12/05/2007 16:34:40.288	ICMP packet dropped	10.1.0.143, 3, LAN	192.128.167.77, 3, WAN
> ============================================================^===========================^
> So, it is an ICMP packet, but what is "3" ????

Type 3 is "Destination unreachable"

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux