PDA

View Full Version : ICMP



Sanco
08-07-2003, 10:40 AM
I have just installed a new firewall (it actually came with McAfee virus scan 7.0) and during installation it asked me whether I want to allow all ICMP, block all ICMP or limit all ICMP. What are ICMP's and what should I set it to?

Plus it also asks me about NETBIOS and wants either settings; Allow me to reach other systems shares or Allow others to reach my shares.
Any suggestions for these settings?

KiwiTT
08-07-2003, 10:57 AM
For the general user ICMP is used for PING and TRACEROUTE.

These are quite useful to leave open. Some ISPs may ping occassionally your connection to see if you are still there. You may have some problems if you block ICMP. It is best to experiment here.

As for NETBIOS. This should be blocked if you standalone and are on the internet. If you operate on a small LAN, this could be more tricky as it will be used over TCPIP to connect to other PCs

Terry Porritt
08-07-2003, 12:09 PM
Netbios should be unbound from TCP/IP for security. Gibsons' site tells you how to do this:

http://grc.com/su-bondage.htm

It takes a bit of wading through, and if you dont have a network as such not all will apply, but the object of the excercise is to "ungrey out" the box and remove the tick in the NetBIOS tab window of TCP/IP>Dial Up Adapter - Properties, "I want to enable NetBIOS over TCP/IP".

By default for some reason Microsoft arranged for everything to bind to everything else, this potentially leaves pathways open for exploitation.