ICMP 8 OPEN
Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Mon Oct 25 16:18:25 UTC 2004
i can see it now.
there will be a 'ubuntu-security' list or at least s/b, i see a lot people
asking questions about rather basic netsec and there appears to be a rather
large contingent of folk who have not really been exposed to what it REALLY
takes to lock down ( & keep it so ).
sorry, i presumed there was not such a list as i have not seen a single
suggestion to take a thread the 'sec' list, so maybe i started wrong.....
is there a ubuntu-security list ?
if not, one is needed.
i would also suggest that scans from internet sites such as this area bad
habit
to start and worse to continue. these types of scans s/b done by the user
himself
from systems owned by the user with executables that the user at least not
the origin of.
v/r,
~piranha
-----Original Message-----
From: ubuntu-users-bounces at lists.ubuntu.com
[mailto:ubuntu-users-bounces at lists.ubuntu.com]On Behalf Of sparkes
Sent: Saturday, October 23, 2004 12:54 AM
To: ubuntu-users at lists.ubuntu.com
Subject: Re: ICMP 8 OPEN
Warty Warthog wrote:
> http://scan.sygate.com/quickscan.html when I scan my
> Ubuntu box I get the following error:
> Protocol Type Status Additional Information
> ICMP 8 OPEN An ICMP ping request is
> usually used to test Internet access. However, an
> attacker can use it to determine if your computer is
> available and what OS you are running. This gives him
> valuable information when he is determining what type
> of attack to use against you.
>
> What does it mean? and with or without firestarter
> firewall I get such error. How can I avoid this error?
>
if you are running ping a potential attacker can *see* your machine and
perhaps have a slight advantage in attacking other services on your
machine but as you have no other open ports it would need a ping
vunulbility to take advantage of ;-)
running 'netstat - a' will (if my memory serves me correctly) give you
the full rundown on all open ports. Most of these will relate to your
incoming email, web connections, irc, ssh and the other things most of
us run 24/7, plus the local sockets used in your programs. You need to
look for tcp, utp and icmp. But if you have a fresh ubuntu machine the
list will be dramatically shorter than it would be on a comparable
machine due to the fact (as you found out) most services are turned off
by default.
Not being an adminstrator (ugghhh, poor fellows ;-) ) I can't remember
how to disable ping using ipchains and I have never used firestarter but
many firewall scripts have the option to ignore pings (or even all icmp
traffic if you wish) so hunt around for the option.
sparkes
--
<davee> "Sparkes, the Pete Best of LugRadio"
--
ubuntu-users mailing list
ubuntu-users at lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
More information about the ubuntu-users
mailing list