S
Scott Holmes
Should I allow my WinXP Sygate Firwall to allow ICMP Type 8 echo requests?
For some reason, I periodically get wierd Internet Control Message Protocol
(ICMP) Type 8 requests on WinXP such as:
NT Kernel System (ntoskrnl.exe)
is trying to send an ICMP Type 8 (Echo Request) packet to [202.232.13.185].
Do you want to allow this program to access the network?
NT Kernel System (ntoskrnl.exe)
is trying to send an ICMP Type 8 (Echo Request) packet to
[202.232.221.175].
Do you want to allow this program to access the network?
I have no idea what these requests are for.
When I do a reverse dns look up at http://www.zoneedit.com/lookup.html
I find these IP addresses are not registered. Wierd. Then why are they
sending me an ICMP Type 8 (whatever that is) requests?
OrgName: Asia Pacific Network Information Centre
OrgID: APNIC
Address: PO Box 2131
City: Milton
StateProv: QLD
PostalCode: 4064
Country: AU
I looked up RFC 792 which describes ICMP, but I did not understand it as I
am not a techie (http://www.iana.org/assignments/icmp-parameters ). All I
know is this thing called ICMP has a code field and a type field. A type 8
is an "Echo". I have a D-Link wireless router so I wonder why it didn't
stop this ping of death from reaching my 192.168.0.1 machine.
One of the articles I looked up suggested "netstat -an" but that didn't
show anything listening of that IP address.
What is an ICMP Type 8 echo request?
Whom do these IP addresses belong to?
Should I allow these ICMP Type 8 echo requests or should I deny them?
For some reason, I periodically get wierd Internet Control Message Protocol
(ICMP) Type 8 requests on WinXP such as:
NT Kernel System (ntoskrnl.exe)
is trying to send an ICMP Type 8 (Echo Request) packet to [202.232.13.185].
Do you want to allow this program to access the network?
NT Kernel System (ntoskrnl.exe)
is trying to send an ICMP Type 8 (Echo Request) packet to
[202.232.221.175].
Do you want to allow this program to access the network?
I have no idea what these requests are for.
When I do a reverse dns look up at http://www.zoneedit.com/lookup.html
I find these IP addresses are not registered. Wierd. Then why are they
sending me an ICMP Type 8 (whatever that is) requests?
OrgName: Asia Pacific Network Information Centre
OrgID: APNIC
Address: PO Box 2131
City: Milton
StateProv: QLD
PostalCode: 4064
Country: AU
I looked up RFC 792 which describes ICMP, but I did not understand it as I
am not a techie (http://www.iana.org/assignments/icmp-parameters ). All I
know is this thing called ICMP has a code field and a type field. A type 8
is an "Echo". I have a D-Link wireless router so I wonder why it didn't
stop this ping of death from reaching my 192.168.0.1 machine.
One of the articles I looked up suggested "netstat -an" but that didn't
show anything listening of that IP address.
What is an ICMP Type 8 echo request?
Whom do these IP addresses belong to?
Should I allow these ICMP Type 8 echo requests or should I deny them?