On 15/07/10 11:25, Dale wrote:
On 15 July 2010 10:40, Basil Chupin<[email protected]> wrote:
On 15/07/10 10:13, Callan Jefferson Davies wrote:
My advice: ignore grc.com. :-)
I'll pipe up here and agree with that statement - there's absolutely no
need to go blocking pings.
I work for an ISP (Adam in Adelaide) and get this question a lot from
customers, and also talk to a lot of customers that have gone and
blocked pings.
Here's a couple of items for consideration :
  - people generally want to block pings to be protected against ping
"floods"
  - blocking pings only stops your router from replying to pings, it
doesn't stop someone sending you pings. so a ping flood can still happen.
  - these days, if someone wants to discover you on the Internet,
they're probably going to port-scan you, not ping you. Once they port
scan you, maybe they'll find a (web, mail, ssh etc) server. Then they'll
try to exploit that server. If you're not running any servers, no
problem. If you are running servers, then blocking pings won't offer any
benefit.
  - if you're having issues with your Internet connection and you call
your ISP, they're probably going to try a ping to see if your connection
is online. Blocking pings makes technical support difficult!
The above just represents my thoughts, but if anyone reckons I'm wrong
about something please do speak up!
Cheers
Callan
Thank you everybody for the responses. I have been assured.
I shall now ignore grc.com :-) .
Basil,
I would not go to the point of ignoring grc.com, just use it as a
guide/reference. If you a really worried get a friend to nmap you
for example:
# nmap -sS -sU -O -p 1-65535 -v -P0<IP_ADDRESS>
Note that nmap command can take a long time
Regards
Dale
Thanks, Dale, I wasn't really going to ignore grc - even though I've
been told years ago that "he is a fraud and doesn't know what he is
talking about" - but simply ignore the bit about the ICMP pings being
returned.
What I still cannot understand is why they are suddenly being returned
just because I have changed modems. Let me explain.
Some time ago when I was dual-booting with XP and used XP on the 'net, I
had Zone Alarm installed. This had a setting where incoming pings from
WAN, but not LAN, were not responded to.
I then did away with XP and was using another distro - and I passed the
grc test with flying colours. When I changed over to Ubuntu the same
thing happened: no FAILed reports. Until I changed to this new Netcomm
yesterday. And I am aware of what Callan said, but my ISP had "pinged"
me a few times when I was trying to resolve a little hassle with my
connection speed a year or so ago....
However, as I am totally clueless about firewalls I shall simply ignore
grc re this one matter - unless someone can tell me why this is
happening since yesterday and who to get it "fixed" :-) .
BC
--
And God created Woman; and to repent He then created Beer.
--
ubuntu-au mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
