.....wants to send ICMP packet to your machine

Discussion in 'Computer Security' started by RF, Aug 20, 2009.

  1. RF

    RF Guest

    Hi Experts,

    I have been watching this parade of attempts to access my Win2K kernel.
    Is it reasonable to assume that these are safe or? My Kerio firewall is
    grabbing them by the throat every time one comes by. Great guy Kerio :)

    1 Someone on address S01060023cdc72ccb.wp.shawcable.net
    [] wants to send ICMP packet to your machine.

    2 Someone on address 66-215-175-74.dhcp.snbr.ca.charter.com
    [] wants to send ICMP packet to your machine

    [] wants to send ICMP packet to your machine

    In all cases Details about Application are: tcpip kernel driver.

    RF, Aug 20, 2009
    1. Advertisements

  2. RF

    1PW Guest

    Hello RF:

    It would be reasonable to assume that /none/ of these safe. Amongst
    other possibles, I high probability exists that these are bots.

    In addition to the notifications that your firewall yields, I hope you
    are suppressing responses to these packets.

    1PW, Aug 20, 2009
    1. Advertisements

  3. RF

    Leythos Guest

    Why is your computer connected directly to the Internet?

    At the very least you should be sitting behind a cheap NAT router that
    doesn't respond to Ping requests certainly doesn't pass anything inbound
    without your permission.
    Leythos, Aug 20, 2009
  4. RF

    RF Guest

    Thank you 1PW. That's what I have been doing.
    RF, Sep 6, 2009
  5. RF

    RF Guest

    Thanks Leythos.
    It is DSL and online while the computer is running.
    I have a firewall.
    RF, Sep 6, 2009
  6. RF

    1PW Guest

    Hello RF:

    Leythos' question has earned re-asking. Why are you directly
    connected to the Internet? Any network device you have should only
    see the LAN side of a good NAT router. Only the WLAN side of a good
    NAT router should "see" your DSL modem's Ethernet port.

    Well crafted malware does defeat a Kerio firewall.
    1PW, Sep 6, 2009
  7. RF

    RF Guest

    Programs within the computer often pop up a window (generated by the
    firewall) and ask for permission to visit some other source. I often
    wonder whether they are passing some info from my computer. On the other
    hand the opposite is often true - they ask to have access. Usually
    these requests have a name and IP# attached and, on a few ocasions I
    tried to access that number and failed. I finally decided to allow the
    few I can recognize the access. Strange ones get shut out.
    The system is complicated and one can never tell what other loopholes
    there are. I play it safe and minimize access. Do you know the holes and
    ports that should be plugged and, if so, I'd like to know about them and
    how how to block them?

    Thanks for your input.
    RF, Sep 6, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.