[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 838
  • Last Modified:

tiny personal firewall activity monitor

I'm deeply sorry, but I only have 20 points left to use.

I just wondered if someone could see if this registrations in the tiny personal firewall activity monitor is dangerous or not. maybe you can tell what they're all about? I get these all the time....

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP Destination Unreachable (Undefined Code!)" -> 172.151.196.220
Interface:
Time:24.11.2003 20:18:00

Count:1
Action:Monitored
Application:System
Access:Inbound ICMP access
Object:Ping Request (8) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Inbound ICMP access
Object:Ping Reply (0) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP PING CyberKit 2.2 Windows" <- 62.252.58.148
Interface:
Time:24.11.2003 22:01:44

Count:1
Action:Monitored
Application:System
Access:Network intrusion report
Object:"ICMP Echo Reply (Undefined Code!)" -> 62.252.58.148
Interface:
Time:24.11.2003 22:01:44
0
Darth_helge
Asked:
Darth_helge
  • 2
  • 2
1 Solution
 
MikeKaneCommented:
ICMP's are pings.   Not VERY harmful, but its not ideal to respond to external Ping requests unles syou have a good reason to allow it.    

For example
Count:1
Action:Monitored  
Application:System
Access:Inbound ICMP access   <---- This is what's coming into your system.
Object:Ping Reply (0) <- 62.252.58.148 (cpc3-whit1-3-0-cust148.cdif.cable.ntl.com)  <---- This is the originator of the PING
Interface:[1] Intel(R) PRO/100 VE Network Connection
Time:24.11.2003 22:01:44

It also seems you are only monitoring the access.    You should really block all inbound stuff and open only what you need.  

But in short, pings don't do much much except tell the other party that your machine is here and active.   It could lead to further scans.  

0
 
Darth_helgeAuthor Commented:
is there some guide to this on the net that you can recommend? im kinda new at firewalls and security.
0
 
MikeKaneCommented:
You can start here:  
http://www.uksecurityonline.com/husdg/

that same site has support info for tiny firewall and general overviews of network security good for a beginner.  

Good luck.  
0
 
Darth_helgeAuthor Commented:
thanks a lot! :=)
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now