For my Firewall, I keep getting random popups alerting me of not all of these ICMP Protocall types, but some, and I don't know for sure what ICMP is for, I just ingored these before, and just denied them, because I wasn't be effected, but I would like to know what they are, and if I should stop them or just ingore them and let them in, and out freely.

[0] Echo Reply, [3] Destination Unreachable, [4] Source Quench, [5] Redirect, [6] Alternate Host Address, [8] Echo Request, [9] Router Advertisement, [10] Router Solicitation, [11] Time Exceeded, [12] Parameter Problem, [13] Timestamp, [14] Timestamp Reply, [15] Information Request, [16] Information Reply, [17] Address Mask Request, [18] Address Mask Reply, [30] Traceroute, [31] Datagram Conversion Error, [32] Mobile Host Redirect, [33] IPv6 Where-Are-You, [34] IPv6 I-Am-Here, [35] Mobile Registration Request, [36] Mobile Registration Reply, [37] Domain Name Request, [38] Domain Name Reply, [39] SKIP, [40] Photuris


Anyone know what these are? A website with information could be helpfull.

Thank you.

I'm no expert on this, but ICMP messages are control messages (Internet control message protocol). When an IP packet is sent to your network, and your router doesn't know the destinition, the it will sent back a ICMP message (destination unrechable) same happens when someone pings your site, your servre/host will sent a echo reply. Normaly, they are nothing to worry about.
Hackers can take advatage of them (I don't remember how), but you shouldn't worry about that.

Well, the idea is, should I receive these messages or should I deny them?

If not all, which ones for allowing or not allowing?

I would alow them, I think they do more good then wrong.
But as I said before, I'm no expert.
I know it is probably against the board rules, but I think in security questions you need the best answer you can get.
So maybe you can ask your question at Wilders (http://www.wilderssecurity.com/index.php) They have some good securiity guru's there.



note to mods: if linking to other forums is unacceptable, please remove the link or let m know, in that case sorry

i would choose to deny them. A simple way of disconnecting you from the internet would be to ICMP flood you using a DoS program.... so just refuse all ICMP data in your firewall and you'll be ok :)

Jee

Jeewhizz
Moderator

I will take your advice.

Let's hope are presents here, may go unnoticed. - Gandalf