Solved

tiny personal firewall activity monitor

Posted on 2003-11-24
4
819 Views
Last Modified: 2013-11-16
I'm deeply sorry, but I only have 20 points left to use.

I just wondered if someone could see if this registrations in the tiny personal firewall activity monitor is dangerous or not. maybe you can tell what they're all about? I get these all the time....

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP Destination Unreachable (Undefined Code!)" -> 172.151.196.220
Interface:
Time:24.11.2003 20:18:00

Count:1
Action:Monitored
Application:System
Access:Inbound ICMP access
Object:Ping Request (8) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Inbound ICMP access
Object:Ping Reply (0) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP PING CyberKit 2.2 Windows" <- 62.252.58.148
Interface:
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP Echo Reply (Undefined Code!)" -> 62.252.58.148
Interface:
Time:24.11.2003 22:01:44
0
Comment
Question by:Darth_helge
  • 2
  • 2
4 Comments
 
LVL 33

Accepted Solution

by:
MikeKane earned 25 total points
ID: 9818881
ICMP's are pings.   Not VERY harmful, but its not ideal to respond to external Ping requests unles syou have a good reason to allow it.    

For example
Count:1
Action:Monitored  
Application:System
Access:Inbound ICMP access   <---- This is what's coming into your system.
Object:Ping Reply (0) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)  <---- This is the originator of the PING
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

It also seems you are only monitoring the access.    You should really block all inbound stuff and open only what you need.  

But in short, pings don't do much much except tell the other party that your machine is here and active.   It could lead to further scans.  

0
 
LVL 5

Author Comment

by:Darth_helge
ID: 9820108
is there some guide to this on the net that you can recommend? im kinda new at firewalls and security.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9820177
You can start here:  
http://www.uksecurityonline.com/husdg/

that same site has support info for tiny firewall and general overviews of network security good for a beginner.  

Good luck.  
0
 
LVL 5

Author Comment

by:Darth_helge
ID: 9823057
thanks a lot! :=)
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Server 2012 network 51 119
Sonicwall NSA failover & LB 4 58
Bonjour traffic not going through sonicwall fw 6 118
DDOS against DYN 9 137
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question