HOW TO: Netcomm NB9WMAXX and Firewall

Basil Chupin blchupin at iinet.net.au
Thu Jul 15 06:47:51 BST 2010 

On 15/07/10 11:25, Dale wrote:
> On 15 July 2010 10:40, Basil Chupin<blchupin at iinet.net.au>  wrote:
>    
>> On 15/07/10 10:13, Callan Jefferson Davies wrote:
>>      
>>>> My advice: ignore grc.com. :-)
>>>>
>>>>          
>>> I'll pipe up here and agree with that statement - there's absolutely no
>>> need to go blocking pings.
>>>
>>> I work for an ISP (Adam in Adelaide) and get this question a lot from
>>> customers, and also talk to a lot of customers that have gone and
>>> blocked pings.
>>>
>>> Here's a couple of items for consideration :
>>>
>>> Â  Â - people generally want to block pings to be protected against ping
>>> "floods"
>>>
>>> Â  Â - blocking pings only stops your router from replying to pings, it
>>> doesn't stop someone sending you pings. so a ping flood can still happen.
>>>
>>> Â  Â - these days, if someone wants to discover you on the Internet,
>>> they're probably going to port-scan you, not ping you. Once they port
>>> scan you, maybe they'll find a (web, mail, ssh etc) server. Then they'll
>>> try to exploit that server. If you're not running any servers, no
>>> problem. If you are running servers, then blocking pings won't offer any
>>> benefit.
>>>
>>> Â  Â - if you're having issues with your Internet connection and you call
>>> your ISP, they're probably going to try a ping to see if your connection
>>> is online. Blocking pings makes technical support difficult!
>>>
>>>
>>> The above just represents my thoughts, but if anyone reckons I'm wrong
>>> about something please do speak up!
>>>
>>> Cheers
>>> Callan
>>>
>>>        
>> Thank you everybody for the responses. I have been assured.
>>
>> I shall now ignore grc.com :-) .
>>
>>      
> Basil,
>
> I would not go to the point of ignoring grc.com, just use it as a
> guide/reference. If you a really worried get a friend to nmap you
>
> for example:
> # nmap -sS -sU -O -p 1-65535 -v -P0<IP_ADDRESS>
> Note that nmap command can take a long time
>
> Regards
> Dale
>    

Thanks, Dale, I wasn't really going to ignore grc - even though I've 
been told years ago that "he is a fraud and doesn't know what he is 
talking about" - but simply ignore the bit about the ICMP pings being 
returned.

What I still cannot understand is why they are suddenly being returned 
just because I have changed modems. Let me explain.

Some time ago when I was dual-booting with XP and used XP on the 'net, I 
had Zone Alarm installed. This had a setting where incoming pings from 
WAN, but not LAN, were not responded to.

I then did away with XP and was using another distro - and I passed the 
grc test with flying colours. When I changed over to Ubuntu the same 
thing happened: no FAILed reports. Until I changed to this new Netcomm 
yesterday. And I am aware of what Callan said, but my ISP had "pinged" 
me a few times when I was trying to resolve a little hassle with my 
connection speed a year or so ago....

However, as I am totally clueless about firewalls I shall simply ignore 
grc re this one matter - unless someone can tell me why this is 
happening since yesterday and who to get it "fixed" :-) .

BC

-- 
And God created Woman; and to repent He then created Beer.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-au/attachments/20100715/a1ec9e0f/attachment.htm

More information about the ubuntu-au mailing list