|
Posted by Peter Waibel on March 29, 2007, 10:28 am
If you were Registered and logged in, you could reply and use other advanced thread options
Ok, I sent a ping to a remote computer which is definitively alive and
responding.
However I get a timeout at my local computer because of too restrictive firewall
rules.
Which ICMP ports must be open to be able to receive all possible answers from
the target machine ?
Peter
|
|
Posted by Sebastian Gottschalk on March 29, 2007, 11:34 am
If you were Registered and logged in, you could reply and use other advanced thread options
Peter Waibel wrote:
> However I get a timeout at my local computer because of too restrictive
> firewall rules.
>
> Which ICMP ports must be open to be able to receive all possible answers
> from the target machine ?
ICMP doesn't have ports and if you don't even understand how a simple ICMP
works then you shouldn't try to implement a firewall.
|
|
Posted by Ansgar -59cobalt- Wiechers on March 29, 2007, 12:17 pm
If you were Registered and logged in, you could reply and use other advanced thread options > Ok, I sent a ping to a remote computer which is definitively alive and
> responding.
>
> However I get a timeout at my local computer because of too
> restrictive firewall rules.
>
> Which ICMP ports must be open to be able to receive all possible
> answers from the target machine ?
ICMP is a protocol of its own, which - unlike TCP or UDP - doesn't have
something like "ports". What you want to do is allow certain types of
ICMP messages. I usually suggest to allow:
Type 0 (echo reply)
Type 3 (destination unreachable)
Type 4 (source quench)
Type 8 (echo request)
Type 11 (time exceeded)
Type 12 (parameter problem)
Allowing other types I wouldn't recommend, unless you know what you're
doing.
cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
|
|
Posted by Chuck on March 29, 2007, 12:52 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>Ok, I sent a ping to a remote computer which is definitively alive and
responding.
>
>However I get a timeout at my local computer because of too restrictive
firewall rules.
>
>Which ICMP ports must be open to be able to receive all possible answers from
the target machine ?
>
>Peter
Peter,
Rules related to ports are for TCP/UDP traffic. ICMP rules are separate. For
Windows Firewall, look on the Advanced tab, under ICMP. Enable "incoming echo
request" on both computers.
--
Cheers,
Chuck, MS-MVP [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.
|
|
Posted by jameshanley39@yahoo.co.uk on March 30, 2007, 1:14 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> Ok, I sent a ping to a remote computer which is definitively alive and
responding.
>
> However I get a timeout at my local computer because of too restrictive
firewall rules.
>
> Which ICMP ports must be open to be able to receive all possible answers from
the target machine ?
>
> Peter
None. It doesn't use ports.
Many firewalls would have a setting to allow or disallow ICMP.
e.g. The Windows Firewall has an advanced tab where you can enable
ICMP related things. It'd be set on the remote machine. At the moment
the remote machine may be blocking ICMP.
you could also use nmap -P0 1.2.3.4
where 1.2.3.4 is the ip of the machine that you are testing for a sign
of life.
That will work even when ICMP is blocked.
|
| Similar Threads | Posted | | Minimum Ports open in a personal firewall | July 30, 2005, 12:33 pm |
| Open ports. | February 5, 2005, 12:13 pm |
| Open Ports on Router | August 19, 2005, 10:02 pm |
| Which ports should be open for PcAnyWhere? | October 18, 2005, 12:30 pm |
| Open ports on a cisco PIX 501 | January 19, 2006, 8:19 am |
| ZoneAlarm Pro 5.0 open ports problem | July 28, 2004, 10:35 pm |
| Packets not forwarded even though ports open | February 28, 2005, 1:29 pm |
| Open ports on DMZ acces with CISCO PIX 515E | February 8, 2005, 4:43 am |
| Linksys Routers showing open UDP ports??? | September 15, 2005, 6:07 pm |
| Firewall-1 Behavior Receiving and Sending to Same Segment | September 24, 2006, 2:58 pm |
|
XML site map