Digital BW, The Print

Lately I've been looking at firewall software packages to replace a 
freeware that I've been using for some time. It kept all ports closed 
but one, the Ping Echo port which would acknowledge any ping request 
from the net.

Ping requests are sent by, amongst others, hackers and spammers 
looking for unprotected computers which they can later use for 
massive email spamming or even denial of service attacks.

After looking at several firewall packages, I've finally decided on 
an SMC Barricade (SMC7004ABR) It's a 4-port 10/100 Mbps Broadband 
Router. It allows for up to 4 computers to connect to one internet 
connection, cable or even 56k modem.

But the best thing about it is that it provides the firewall 
protection that I need for only $29.95 canadian after instant and 
mail-in rebate or about $23.00 US. I'm sure it's about to be replaced 
by a newer model, but the price is right and it does the job: my 
computer no longer responds to ping requests and all other ports are 
closed.

http://www.futureshop.ca/catalog/proddetail.asp?
logon=&langid=EN&dept=0&WLBS=fsweb9&sku_id=0665000FS10008877&catid=&ne
wdeptid=18
This link is rather long, dont forget to copy and paste the missing 
caracters into your browser.

If you want to test your computer's vulnerability to online threats :
Symantec Security Check
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

Gibson Research Corp.'s ShieldsUP!
https://grc.com/x/ne.dll?bh0bkyd2

I sure hope that this is not too far off topic, but as a digital b&w 
printer I do use the internet to subscribe to this list. Please dont 
flame me!

Hope this helps,
Cheers,
Andre

> Ping requests are sent by, amongst others, hackers and spammers
> looking for unprotected computers which they can later use for 
> massive email spamming or even denial of service attacks.

If your system/network is otherwise secure, there's no harm in
responding to pings.

--- In DigitalBlackandWhiteThePrint@yahoogroups.com, "Anthony G. 
Atkielski" <anthony@a...> wrote:
> > Ping requests are sent by, amongst others, hackers and spammers
> > looking for unprotected computers which they can later use for 
> > massive email spamming or even denial of service attacks.
> 
> If your system/network is otherwise secure, there's no harm in
> responding to pings.


"Ping is a network troubleshooting utility. It asks your computer to 
acknowledge its existence. If your computer responds positively to a 
ping, hackers are more likely to target your computer."

In checking the traffic log of the old firewall I could see ping 
requests from all over the world. But they do not stop at the first 
ping, they go on and on. Put several of them together and you've got 
what looks like a network slowdown. 

Internet denial of service attacks works in the same way, but at a 
more intense level. Giving your internet connection stealth status is 
one way to ensure you get the maximum speed from your connection.

Cheers,
Andre

it is fairly standard practice in the security arena
to discard ping protocol requests. The siemens is a
pretty good device and you got a great price on it.

brentley


--- sceptre12345 <am1000@...> wrote:

> --- In DigitalBlackandWhiteThePrint@yahoogroups.com,
> "Anthony G. 
> Atkielski" <anthony@a...> wrote:
> > > Ping requests are sent by, amongst others,
> hackers and spammers
> > > looking for unprotected computers which they can
> later use for 
> > > massive email spamming or even denial of service
> attacks.
> > 
> > If your system/network is otherwise secure,
> there's no harm in
> > responding to pings.
> 
> 
> "Ping is a network troubleshooting utility. It asks
> your computer to 
> acknowledge its existence. If your computer responds
> positively to a 
> ping, hackers are more likely to target your
> computer."

Please note, however, that RFC 1122 (Requirements for Internet Hosts) 
states in section 3.2.2.6:

"Every host MUST implement an ICMP Echo server function that receives 
Echo Requests and sends corresponding Echo Replies."

Nowhere in 1122 (which is *the* spec for this sort of thing) does it say 
that ICMP Echo (ping) servers may be disabled or set to ignore ICMP Echo 
packets.  The sole exception is for an ICMP Echo packet destined for a 
broadcast or multicast destination IP.  Disabling Echo Replies makes 
your TCP/IP implentation non-compliant with the standard.

I'm in the business of making tools to make the Internet, and systems 
with ICMP Echo Reply disabled prove to be a real pain for network 
people.  "Ping" is there for a very good reason.  It isn't dangerous. 
Please leave it enabled if you possibly can.

[diatribe: off]

Best wishes,
-- 
Jon ( entropy@... )


sceptre12345 wrote:

> --- In DigitalBlackandWhiteThePrint@yahoogroups.com, "Anthony G. 
> Atkielski" <anthony@a...> wrote:
> 
>>>Ping requests are sent by, amongst others, hackers and spammers
>>>looking for unprotected computers which they can later use for 
>>>massive email spamming or even denial of service attacks.
>>
>>If your system/network is otherwise secure, there's no harm in
>>responding to pings.
> 
> 
> 
> "Ping is a network troubleshooting utility. It asks your computer to 
> acknowledge its existence. If your computer responds positively to a 
> ping, hackers are more likely to target your computer."
> 
> In checking the traffic log of the old firewall I could see ping 
> requests from all over the world. But they do not stop at the first 
> ping, they go on and on. Put several of them together and you've got 
> what looks like a network slowdown. 
> 
> Internet denial of service attacks works in the same way, but at a 
> more intense level. Giving your internet connection stealth status is 
> one way to ensure you get the maximum speed from your connection.
> 
> Cheers,
> Andre

> Giving your internet connection stealth status is
> one way to ensure you get the maximum speed from your connection.

It also prevents network problems from being tracked correctly, since
your machine is effectively invisible.  If you are operating any kind of
server, it's a good idea to answer pings.  If your machine is strictly a
client, it's less important, but then again, it's less of a risk, too
(since you should have fewer ports open).

> From: Anthony G. Atkielski [mailto:anthony@...]
>
> It also prevents network problems from being tracked correctly, since
> your machine is effectively invisible.  If you are operating any kind of
> server, it's a good idea to answer pings.  If your machine is strictly a
> client, it's less important, but then again, it's less of a risk, too
> (since you should have fewer ports open).

A lot of large servers don't respond to pings, like www.microsoft.com. I
suspect it's because whenever someone wants to make sure their DSL isn't
dead, they ping www.microsoft.com, and they just got tired of the millions
of pings.

--

Ciao,               Paul D. DeRocco
Paul                mailto:pderocco@...

> A lot of large servers don't respond to pings, like www.microsoft.com. I
> suspect it's because whenever someone wants to make sure their DSL isn't
> dead, they ping www.microsoft.com, and they just got tired of the millions
> of pings.

I don't know why they turned off ping replies, but network load can't be
the reason.  With the load they are already carrying for everything
else, the load from pings isn't going to make much of a dent in
anything, either for bandwidth or for server horsepower.