[Dshield] Can someone please tell me what this is all about?

Tony Maro tonym at nlisc.com
Sat Aug 4 22:05:10 GMT 2001


Looks like you are blocking destination unreachable ICMP responses.  That's
a bad thing.  If a route is down, you don't get the response back and your
computer waits for a timeout.

I would selectively allow destination unreachable type packets in.  But not
ALL ICMP, just type 3.  I know how to do this in iptables in Linux, but I
don't recognize your log format.

-Tony

-----Original Message-----
From: Paul Marsh
To: 'dshield at dshield.org'
Sent: 8/3/2001 10:21 AM
Subject: [Dshield] Can someone please tell me what this is all about?

Can some one please tell me what this is all about?  I am also noticing
allot more pings hitting my firewall in the last two days.

08/03/2001 10:59:26.192 ICMP packet dropped 157.130.15.13, 3, WAN
209.213.81.106, 3, LAN 'Dest Unreachable' 0 
08/03/2001 11:00:48.608 ICMP packet dropped 157.130.15.13, 3, WAN
209.213.81.106, 3, LAN 'Dest Unreachable' 0 
08/03/2001 11:02:26.800 ICMP packet dropped 157.130.15.13, 3, WAN
209.213.81.106, 3, LAN 'Dest Unreachable' 0 
08/03/2001 11:03:49.256 ICMP packet dropped 157.130.15.13, 3, WAN
209.213.81.106, 3, LAN 'Dest Unreachable' 0 
08/03/2001 11:05:27.432 ICMP packet dropped 157.130.15.13, 3, WAN
209.213.81.106, 3, LAN 'Dest Unreachable' 0 
08/03/2001 11:06:34.560 ICMP packet dropped 157.130.15.13, 3, WAN
209.213.81.106, 3, LAN 'Dest Unreachab



_______________________________________________
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:
http://www1.dshield.org/mailman/listinfo/dshield




More information about the list mailing list