Solved

tiny personal firewall activity monitor

Posted on 2003-11-24
4
826 Views
Last Modified: 2013-11-16
I'm deeply sorry, but I only have 20 points left to use.

I just wondered if someone could see if this registrations in the tiny personal firewall activity monitor is dangerous or not. maybe you can tell what they're all about? I get these all the time....

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP Destination Unreachable (Undefined Code!)" -> 172.151.196.220
Interface:
Time:24.11.2003 20:18:00

Count:1
Action:Monitored
Application:System
Access:Inbound ICMP access
Object:Ping Request (8) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Inbound ICMP access
Object:Ping Reply (0) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP PING CyberKit 2.2 Windows" <- 62.252.58.148
Interface:
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP Echo Reply (Undefined Code!)" -> 62.252.58.148
Interface:
Time:24.11.2003 22:01:44
0
Comment
Question by:Darth_helge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 33

Accepted Solution

by:
MikeKane earned 25 total points
ID: 9818881
ICMP's are pings.   Not VERY harmful, but its not ideal to respond to external Ping requests unles syou have a good reason to allow it.    

For example
Count:1
Action:Monitored  
Application:System
Access:Inbound ICMP access   <---- This is what's coming into your system.
Object:Ping Reply (0) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)  <---- This is the originator of the PING
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

It also seems you are only monitoring the access.    You should really block all inbound stuff and open only what you need.  

But in short, pings don't do much much except tell the other party that your machine is here and active.   It could lead to further scans.  

0
 
LVL 5

Author Comment

by:Darth_helge
ID: 9820108
is there some guide to this on the net that you can recommend? im kinda new at firewalls and security.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9820177
You can start here:  
http://www.uksecurityonline.com/husdg/

that same site has support info for tiny firewall and general overviews of network security good for a beginner.  

Good luck.  
0
 
LVL 5

Author Comment

by:Darth_helge
ID: 9823057
thanks a lot! :=)
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question