Ed Greshko wrote: >Sent: Wednesday, December 05, 2007 5:19 PM >To: For users of Fedora >Subject: Re: Questions about ICMP > > >Daniel B. Thurman wrote: >> Daniel B. Thurman wrote: >> >>> Rick Stevens wrote: >>>> Sam Varshavchik wrote: >>>>> Daniel B. Thurman writes: >>>>>> Craig White wrote: >>>>>> >>>>>>> Sent: Wednesday, December 05, 2007 3:33 PM >>>>>>> To: For users of Fedora >>>>>>> Subject: Re: Questions about ICMP >>>>>>> >>>>>>> >>>>>>> On Wed, 2007-12-05 at 15:27 -0800, Daniel B. Thurman wrote: >>>>>>>> Should ICMP packets be allowed both over the >>>>>>>> Internet or should it be allowed to pass only in >>>>>>>> the local networks? >>>>>>>> >>>>>>>> I have a firewall appliance and trying to make sure >>>>>>>> that I am being secured properly. >>>>>>> ---- >>>>>>> disabling icmp echo requests is a great feature for the >>>> ultra-paranoid >>>>>> So... am I to read this as it is a good idea to disable all icmp >>>>>> requests? I get a LOT of ICMP requests from the Internet probing >>>>>> at my ports, which are disabled. This is a good idea? >>>>> As the man said: only if you're ultra-paranoid, and live in >>>> a perpetual fear >>>>> of Internet boogey-men. >>>> Hey, man, just because I'm paranoid doesn't mean they AIN'T out to >>>> get me! :-) >>>> >>>> >---------------------------------------------------------------------- >>>> - Rick Stevens, Principal Engineer >rstevens@xxxxxxxxxxxx - >>>> - CDN Systems, Internap, Inc. >http://www.internap.com - >>>> - > - >>>> - "Do you suffer from long-term memory loss?" "I don't >remember" - >>>> - -- Chumbawumba, "Amnesia" >(TubThumping) - >>>> >---------------------------------------------------------------------- >>>> >>>> -- >>> The thing here, is that what I am actually seeing is a TON of >>> ggp(3) pokes to/from my Fedora box and others on the Internet >>> are seemingly using the same ggp back at my Fedora(v8) box. >>> >>> So, I guess it really isn't ICMP(1) - but rather it is GGP(3) >>> that seems to be flying around. This protocol is blocked >>> completely by my firewall applicance by default. >>> >>> So, what IS this gpp(3) really? My logs are just getting >>> filled with this blocked protocol message. >>> >>> Not a BIG deal I think, but wondered how I could prevent >>> this log message out of my log files. >>> >> >> uh, I need to be clear here... >> >> Here is what the log message says: >> >> 12/05/2007 16:34:40.288 ICMP packet dropped >10.1.0.143, 3, LAN 192.128.167.77, 3, WAN >> >============================================================^== >=========================^ >> So, it is an ICMP packet, but what is "3" ???? > >Type 3 is "Destination unreachable" > >-- Uh, I think I understand why I am seeing this ICMP(3) bouncing to/from Fedora/Internet as I am downloading packages using the Package Manager and I *think* that the Package Manager is using Yum with various mirrors and as it tests mirror connections, it hits the unreachable destination thus switches to another mirror? Maybe that is why my firewall appliance is logging it. The odd thing is why am I seeing this in both both directions? No... I am not being paranoid, I am not being paranoid, ... Much ado about nothing, or so it seems... No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.16.14/1171 - Release Date: 12/4/2007 7:31 PM -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
