User comments on ISPs
  >> Sky Broadband


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread
Standard User Tox_Laximus
(member) Fri 10-Jun-11 10:53:32
Print Post

MER / MTU / Respond to Ping???


[link to this post]
 
Before getting sky I had a normal router (Netgear DG834G) and had the pc and router mtu set to 1458.

So got sky and set their router mtu to 1458...

A week later the router updates its firmware from 1.11 to 2.04 and am now connected to mer instead of pppoa. the mtu on the router can no longer be changed and is hard set to 1500.

Ok, so I try setting the pc mtu to 1500, it says ok but on a reset it goes back to 1458.

I set it by running cmd as admin and paste this ... netsh interface ipv4 set subinterface "Local Area Connection" mtu=1500 store=persistent

But it just keeps going back to 1458

And why do the doughnuts at sky enable 'respond to pings' by default, this is a security risk.

EPIC FAIL ... Ping Reply: RECEIVED (FAILED) Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

My Broadband Speed Test

Edited by Tox_Laximus (Fri 10-Jun-11 10:56:59)

Standard User Kiggs
(fountain of knowledge) Fri 10-Jun-11 11:45:29
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
If you're on Vista or 7 the MTU should set automatically.

I think Sky set the option for responding to ping on by default to allow them to query to the router as to whether it is on-line or not.
Standard User Tox_Laximus
(member) Fri 10-Jun-11 11:52:36
Print Post

Re: MER / MTU / Respond to Ping???


[re: Kiggs] [link to this post]
 
Yeah win7, thx for info.

Will not allowing my router to respond to pings affect service?

My Broadband Speed Test


Register (or login) on our website and you will not see this ad.

Standard User dustofnations
(regular) Fri 10-Jun-11 13:05:23
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
Yeah win7, thx for info.

Will not allowing my router to respond to pings affect service?


Things like TBB's ping test (BQM) will not work.
Standard User Tox_Laximus
(member) Fri 10-Jun-11 13:51:26
Print Post

Re: MER / MTU / Respond to Ping???


[re: dustofnations] [link to this post]
 
Been messing around with mtu, if you set to 1400 it stays at 1400, but setting to 1500 it goes to 1458.

I know a while back it used to be 1500 and you could set to 1500, there must of been a ms update to stop it going higher than 1458, which is probably a good thing.

After digging up my old posts I found I had quite a unstable connection with MTU on ROUTER 1458, MTU on PC 1500.

Respond to pings should be off by default really, firewall test ... https://www.grc.com/x/ne.dll?bh0bkyd2

My Broadband Speed Test
Standard User Oliver341
(knowledge is power) Fri 10-Jun-11 23:52:32
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
I know a while back it used to be 1500 and you could set to 1500, there must of been a ms update to stop it going higher than 1458, which is probably a good thing.

I use Windows Vista and there's definitely no problem having an MTU of 1500. I think it's unlikely Windows 7 is any different.

C:\>ping -f -l 1472 bbc.co.uk

Pinging bbc.co.uk [212.58.254.251] with 1472 bytes of data:
Reply from 212.58.254.251: bytes=1472 time=40ms TTL=248
Reply from 212.58.254.251: bytes=1472 time=39ms TTL=248
Reply from 212.58.254.251: bytes=1472 time=39ms TTL=248
Reply from 212.58.254.251: bytes=1472 time=39ms TTL=248

Ping statistics for 212.58.254.251:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 40ms, Average = 39ms

Oliver.
Standard User jchamier
(knowledge is power) Sat 11-Jun-11 11:01:37
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
If your MTU is changing itself then I'd first check your security software.

On Windows Vista, Windows 7, and Mac OS X, there is not normally any reason to change the MTU as these operating systems "self adjust" as they monitor the path of the current connection.

If your router is at 1400 but your PC is at 1500 you're giving the router a lot of work to do in splitting every packet, which many routers don't have a very fast CPU so the effect is your connection seems "slow".

Being pingable means servers you connect to can ping your router to determine path-mtu; some mistaken security organisations (including Steve Gibson at GRC) seem to think that ignoring pings is a security feature. Nope; "hackers" / malicious intruders can still port scan you. (your router).

James - be* pro - on THFB - sync about 17.2mbps - BQM
Standard User BatBoy
(legend) Sat 11-Jun-11 11:07:05
Print Post

Re: MER / MTU / Respond to Ping???


[re: jchamier] [link to this post]
 
Ethernet runs best at 1500 and I think MER is a type of routed Ethernet so 1500 is correct.

If sky want to be able to ping their router, why not?



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Tox_Laximus
(member) Sat 11-Jun-11 23:01:30
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
Dr TCP fixed the mtu, the problem was probably in the registry, and windows 7 does not set the mtu automatically.

As for letting your router respond to ping requests, when playing hide and seek is it best to answer if the seeker calls out, or is it better to keep quiet?

My Broadband Speed Test
Standard User jchamier
(knowledge is power) Sat 11-Jun-11 23:42:38
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
Ethernet runs best at 1500 and I think MER is a type of routed Ethernet so 1500 is correct.


Ethernet runs at any MTU. Yes if you have a single switch (or hub) segment, then 1500 is the biggest a regular network runs at. (Unless its a newer one with jumbo frames).

But on a WAN using lots of different networking technologies, the MTU can rise and fall, as a packet passes through switches and routers and/or firewalls.

James - be* pro - on THFB - sync about 17.2mbps - BQM
Standard User jchamier
(knowledge is power) Sat 11-Jun-11 23:45:17
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
Dr TCP fixed the mtu, the problem was probably in the registry, and windows 7 does not set the mtu automatically.


Dr TCP shouldn't be used on Win Vista or 7 as it says in the documentation - also not on 64bit of either.

As for letting your router respond to ping requests, when playing hide and seek is it best to answer if the seeker calls out, or is it better to keep quiet?


You're not playing hide and seek. There are thousands or IPs on ISP accounts, all of which are known to be allocated to the ISPs customer user base and made publicly available at RIPE (for Europe).

Any malicious attacker looking for a target is going to scan IPs using proper tools, not just with ICMP echo. Thats what 5 years olds do playing hide and seek, and your router can keep out pretty much everything (unless you have port forwarding).

Adults use TCP and UDP pings and other tools.

So basically blocking ICMP echo is hurting you more than its hurting the attacker or "hacker" as the press calls them.

James - be* pro - on THFB - sync about 17.2mbps - BQM
Standard User Tox_Laximus
(member) Sun 12-Jun-11 00:17:43
Print Post

Re: MER / MTU / Respond to Ping???


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
In reply to a post by Tox_Laximus:
Dr TCP fixed the mtu, the problem was probably in the registry, and windows 7 does not set the mtu automatically.


Dr TCP shouldn't be used on Win Vista or 7 as it says in the documentation - also not on 64bit of either.

As for letting your router respond to ping requests, when playing hide and seek is it best to answer if the seeker calls out, or is it better to keep quiet?


You're not playing hide and seek. There are thousands or IPs on ISP accounts, all of which are known to be allocated to the ISPs customer user base and made publicly available at RIPE (for Europe).

Any malicious attacker looking for a target is going to scan IPs using proper tools, not just with ICMP echo. Thats what 5 years olds do playing hide and seek, and your router can keep out pretty much everything (unless you have port forwarding).

Adults use TCP and UDP pings and other tools.

So basically blocking ICMP echo is hurting you more than its hurting the attacker or "hacker" as the press calls them.


Dr tcp gave me a extra 0.4MB

Can you explain how being stealth is hurting me?

My Broadband Speed Test
Standard User BatBoy
(legend) Sun 12-Jun-11 08:28:18
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
Can you explain how being stealth is hurting me?
Can you explain how it's helping you?



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Tox_Laximus
(member) Sun 12-Jun-11 09:28:00
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
In reply to a post by Tox_Laximus:
Can you explain how being stealth is hurting me?
Can you explain how it's helping you?


I'll paste some test results....

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

Its a waste of time running system hogging security suites on my pc, I haven't for years, just a manual virus scan every week or so and I never get any problems, but what I do get is raw speed as some of these AV's can put quite a big dent in performance.

So a lot of people don't know about this and broadcast their presence, this makes it even better for me tongue

My Broadband Speed Test
Standard User BatBoy
(legend) Sun 12-Jun-11 09:35:29
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
Thanks for that Mr Gibson. It's all nonsense of course. I bet the IMF had stealthed ports too smile



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Tox_Laximus
(member) Sun 12-Jun-11 09:49:57
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
Who are you talking too, and what are you going on about?

My Broadband Speed Test
Standard User BatBoy
(legend) Sun 12-Jun-11 10:23:37
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
Who are you talking too, and what are you going on about?
You quoted from Steve Gibson's site. If you're happy, that's fine.



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Tox_Laximus
(member) Sun 12-Jun-11 10:35:08
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
In reply to a post by Tox_Laximus:
Who are you talking too, and what are you going on about?
You quoted from Steve Gibson's site. If you're happy, that's fine.


He seems to know what he's talking about, but there might be a way into sky's routers though the upgrade process.

My Broadband Speed Test
Standard User Finguz
(knowledge is power) Sun 12-Jun-11 12:12:20
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
In reply to a post by BatBoy:
In reply to a post by Tox_Laximus:
Who are you talking too, and what are you going on about?
You quoted from Steve Gibson's site. If you're happy, that's fine.


He seems to know what he's talking about, but there might be a way into sky's routers though the upgrade process.


He is nothing more than a snake oil salesman, who is quite happy to talk absolute 'sphericals' if it suits him.

If you want your connection to work correctly, don't disable 'respond to ping'.

My Broadband Speed Test

Any ISP that thinks that selling my click traffic is acceptable is MisinPHORMed
Standard User jchamier
(knowledge is power) Sun 12-Jun-11 12:22:28
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
So a lot of people don't know about this and broadcast their presence, this makes it even better for me tongue


Not really. Steve Gibson's site was designed for the US where both cable and DSL providers give modems with ethernet sockets (sometimes USB). Many people just plugged in their PC without configuring anything (back in the Windows 98 and ME days) and never knew about security.

In the UK generally people moved to routers pretty quickly.

Steve's tests are testing your router on Sky, and since your router has no NETBIOS functionality (the legacy windows way of sharing files/printers) then its not really a valid test anymore...

James - be* pro - on THFB - sync about 17.2mbps - BQM
Standard User Tox_Laximus
(member) Sun 12-Jun-11 12:34:14
Print Post

Re: MER / MTU / Respond to Ping???


[re: Finguz] [link to this post]
 
My connection seems fine, what difference does doing this make?

My Broadband Speed Test
Standard User Tox_Laximus
(member) Mon 13-Jun-11 22:50:06
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
If you login to a sky router, click advanced>wan setup and read the help text on the right side it says...

Respond To Ping On Internet Port
If you want the Sky Router to respond to a 'Ping' from the Internet, click this check box. This can be used as a diagnostic tool. This can be a security problem. You shouldn't check this box unless you have a specific reason to do so.

My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'

Some bad advice is spewing from this thread, there can be no good reason for someone advising this to be enabled.

My Broadband Speed Test
Standard User BatBoy
(legend) Mon 13-Jun-11 22:55:15
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'

Some bad advice is spewing from this thread, there can be no good reason for someone advising this to be enabled.
I won't be bothering him for any of my repairs. Without ping enabled TBB BQM won't work.



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Tox_Laximus
(member) Tue 14-Jun-11 00:48:13
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
In reply to a post by Tox_Laximus:
My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'

Some bad advice is spewing from this thread, there can be no good reason for someone advising this to be enabled.
I won't be bothering him for any of my repairs. Without ping enabled TBB BQM won't work.


I would like to advise you to make regular backups.

My Broadband Speed Test
Standard User mpellatt
(regular) Tue 14-Jun-11 17:09:56
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
In reply to a post by BatBoy:
In reply to a post by Tox_Laximus:
My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'

Some bad advice is spewing from this thread, there can be no good reason for someone advising this to be enabled.
I won't be bothering him for any of my repairs. Without ping enabled TBB BQM won't work.


I would like to advise you to make regular backups.

I would like to advise you that data falls into 2 categories:

Data that has been backed up.
Data that hasn't been lost yet.
Standard User BatBoy
(legend) Tue 14-Jun-11 21:00:05
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
In reply to a post by BatBoy:
In reply to a post by Tox_Laximus:
My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'

Some bad advice is spewing from this thread, there can be no good reason for someone advising this to be enabled.
I won't be bothering him for any of my repairs. Without ping enabled TBB BQM won't work.


I would like to advise you to make regular backups.
I've already backed up the router smile



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User jchamier
(knowledge is power) Thu 16-Jun-11 22:00:20
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
If you login to a sky router, click advanced>wan setup and read the help text on the right side it says...


Text written by the marketing department and generally copying the first Netgear router with the option.

My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'


Ask your bro if he's used unix/linux nmap to scan a range of IPs through a firewall blocking ICMP and see if it slowed him down even 10%.

Some bad advice is spewing from this thread, there can be no good reason for someone advising this to be enabled.


I advise you go and read about Path-MTU and how servers (that you probably want the best performance from) use ICMP echo to the destination (your router) to determine the optimal MTU to use.

None of this is secret or guessing or even security. Its understanding how TCP/IP works on a large network of networks.

James - be* pro - on THFB - sync about 17.2mbps - BQM
Standard User Oliver341
(knowledge is power) Thu 16-Jun-11 22:07:56
Print Post

Re: MER / MTU / Respond to Ping???


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
I advise you go and read about Path-MTU and how servers (that you probably want the best performance from) use ICMP echo to the destination (your router) to determine the optimal MTU to use.

Path MTU Discovery uses ICMP Fragmentation Required, not ICMP Echo, so ping responses are not required from the router for this function to work.

Oliver.
Standard User BatBoy
(legend) Thu 16-Jun-11 22:13:59
Print Post

Re: MER / MTU / Respond to Ping???


[re: Oliver341] [link to this post]
 
In reply to a post by Oliver341:
Path MTU Discovery uses ICMP Fragmentation Required, not ICMP Echo, so ping responses are not required from the router for this function to work.
That's not what it says here http://www.netheaven.com/pmtu.html



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Oliver341
(knowledge is power) Thu 16-Jun-11 22:34:34
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
That's not what it says here http://www.netheaven.com/pmtu.html

From that page: "notifications arrive as ICMP (Internet Control Message Protocol) packets known as "fragmentation needed" ICMPs (ICMP type 3, subtype 4)".

ICMP Echo is ICMP type 0 and 8, Reply and Request, completely separate to ICMP type 3 used for Path MTU Discovery.

Oliver.
Standard User BatBoy
(legend) Thu 16-Jun-11 22:51:41
Print Post

Re: MER / MTU / Respond to Ping???


[re: Oliver341] [link to this post]
 
In reply to a post by Oliver341:
In reply to a post by BatBoy:
That's not what it says here http://www.netheaven.com/pmtu.html

From that page: "notifications arrive as ICMP (Internet Control Message Protocol) packets known as "fragmentation needed" ICMPs (ICMP type 3, subtype 4)".

ICMP Echo is ICMP type 0 and 8, Reply and Request, completely separate to ICMP type 3 used for Path MTU Discovery.
From that page
Administrators who want to block all ICMPs should disable path MTU discovery on their computers, especially on their servers. It makes no sense to ask for ICMP notifications and then refuse to accept them. In addition, doing so opens the server to a special type of distributed denial of service attack based on resource exhaustion from a large number of fully-open connections.




______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Oliver341
(knowledge is power) Thu 16-Jun-11 22:57:28
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
From that page
Administrators who want to block all ICMPs should disable path MTU discovery on their computers, especially on their servers. It makes no sense to ask for ICMP notifications and then refuse to accept them. In addition, doing so opens the server to a special type of distributed denial of service attack based on resource exhaustion from a large number of fully-open connections.

Yes, but disabling ping replies on routers does not disable all type of ICMP, just the ones dealing with ICMP Echo.

Oliver.
Standard User BatBoy
(legend) Thu 16-Jun-11 23:02:44
Print Post

Re: MER / MTU / Respond to Ping???


[re: Oliver341] [link to this post]
 
In reply to a post by Oliver341:
Yes, but disabling ping replies on routers does not disable all type of ICMP, just the ones dealing with ICMP Echo.
The OP wants to disable all type of ICMP.



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Oliver341
(knowledge is power) Thu 16-Jun-11 23:05:45
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
In reply to a post by BatBoy:
The OP wants to disable all type of ICMP.

If you say so, BatBoy.

Oliver.
Standard User BatBoy
(legend) Thu 16-Jun-11 23:15:04
Print Post

Re: MER / MTU / Respond to Ping???


[re: Oliver341] [link to this post]
 
He wants to be invisible on the net to stop script kiddies hacking his computer ooo



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User jchamier
(knowledge is power) Fri 17-Jun-11 20:16:22
Print Post

Re: MER / MTU / Respond to Ping???


[re: Oliver341] [link to this post]
 
In reply to a post by Oliver341:
Yes, but disabling ping replies on routers does not disable all type of ICMP, just the ones dealing with ICMP Echo.


That's what you'd hope. Without actually testing, I've seen some routers (remotely, so not sure what they were) that ignored ALL ICMP when the owner told me they'd "blocked ping". Including all the useful ones :-/

James - be* pro - on THFB - sync about 17.2mbps - BQM
Standard User Tox_Laximus
(member) Fri 17-Jun-11 21:42:20
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
I suppose to test this you could run 1 week with pings on and 1 week off, and then see how many intrusions from china you get in the logs.

BTW. syslog is borked on the sky d-link and probably the sagem, plus I already know what the results will be tongue

Battyboy can test this, he likes intrusions blush

My Broadband Speed Test

Edited by Tox_Laximus (Fri 17-Jun-11 21:45:09)

Standard User BatBoy
(legend) Fri 17-Jun-11 21:58:38
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
Everything here seems a lot more settled with pings enabled and a static ip. It just works, but I'm on BE. I moved from Sky to BE due to problems with loss of routing.



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User jchamier
(knowledge is power) Sat 18-Jun-11 00:25:11
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
BTW. syslog is borked on the sky d-link and probably the sagem, plus I already know what the results will be tongue


No, you have an untested hypothesis.

I just suggested you try it. You've argued you don't want it. Its no skin off my nose at all, it doesn't affect me in the slightest. End of topic.

James - be* pro - on THFB - sync about 17.2mbps - BQM

Edited by jchamier (Sat 18-Jun-11 00:25:24)

Standard User Tox_Laximus
(member) Sat 18-Jun-11 08:59:34
Print Post

Re: MER / MTU / Respond to Ping???


[re: BatBoy] [link to this post]
 
Theres one born every minute, so why do they have to post in my thread?

My Broadband Speed Test
Standard User BatBoy
(legend) Sat 18-Jun-11 12:00:10
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
Theres one born every minute, so why do they have to post in my thread?
It's a discussion. You don't own the thread.



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User Pipexer
(eat-sleep-adslguide) Sat 18-Jun-11 20:45:03
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
My bro who services servers for a living said 'I tend to switch pinging off at the router to stop script kiddies finding a live IP they can port scan, there are no effects from switching this setting off.'

What a load of [censored].

______________
Zen 8000 Active
Standard User Tox_Laximus
(member) Sat 18-Jun-11 21:51:12
Print Post

Re: MER / MTU / Respond to Ping???


[re: Pipexer] [link to this post]
 
An ancient chinese proverb comes to mind.

'He who has retards dribbling on his window can not send a clear message out'

Pings off is more secure, anyone who say other wise is a [censored] retread...

My Broadband Speed Test

Edited by Tox_Laximus (Sat 18-Jun-11 21:55:00)

Standard User Pipexer
(eat-sleep-adslguide) Sat 18-Jun-11 22:34:03
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
I was more referring to his "there are no effects from switching this setting off".

______________
Zen 8000 Active
Standard User BatBoy
(legend) Sat 18-Jun-11 22:58:19
Print Post

Re: MER / MTU / Respond to Ping???


[re: Tox_Laximus] [link to this post]
 
In reply to a post by Tox_Laximus:
Pings off is more secure, anyone who say other wise is a [censored] retread...
That must be very tyring.



______________________________________________________________________________attack_the_post_not_the_poster__________________
Standard User John_ON
(knowledge is power) Tue 21-Jun-11 13:54:12
Print Post

Re: MER / MTU / Respond to Ping???


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
In reply to a post by Oliver341:
Yes, but disabling ping replies on routers does not disable all type of ICMP, just the ones dealing with ICMP Echo.


That's what you'd hope. Without actually testing, I've seen some routers (remotely, so not sure what they were) that ignored ALL ICMP when the owner told me they'd "blocked ping". Including all the useful ones :-/


Apparently, it's quite common for domestic routers to disable all ICMP when ping is disabled.

With the amount of open ports due to msn, yahoo, auto software updates etc, I don't think preventing a router responding to pings gives even the sightest improvement in stealth.

John.

________________________________________________
RouterStats 6.5a and RouterStats -Lite Line monitoring tools for the DG834(G) and others..

Website: vwlowen.co.uk
ISP:Be*
Standard User jchamier
(knowledge is power) Wed 22-Jun-11 07:46:56
Print Post

Re: MER / MTU / Respond to Ping???


[re: John_ON] [link to this post]
 
In reply to a post by John_ON:
With the amount of open ports due to msn, yahoo, auto software updates etc, I don't think preventing a router responding to pings gives even the sightest improvement in stealth.


Thanks smile

If you're Steve Gibson (of GRC fame) then he thinks disabling ping is important - but then he is in the US - where is very common to NOT use a router at all, and plug your only computer directly into your cable or DSL modem. Which is another thing all together smile

James - be* pro - on THFB - sync about 17.2mbps - BQM
Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread

Jump to