Snort mailing list archives

Newbie: why so many ICMPs?


From: John Bertagnolli <ijbert () mac com>
Date: Wed, 7 Jul 2004 20:50:05 -0600

Greetings -

I spent yesterday loading Fedora 2, snort and ACID. I have everything working like I think it's supposed to. When I log into my ACID page, I see literally hundreds of "ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited" messages. The source address is my IP, the destination address varies. These messages are 90% of what I am seeing in ACID.

I can see these entries logged if I try to ftp to my machine, having ftp off. My thought is that the service is denied, the ICMP is generated, and my router is interfering. I have a Netgear ADSL Firewall Router DG834. I have turned off NAT and added firewall holes to allow all traffic inbound and output.

Is this a reasonable assumption? I could buy a new ADSL modem. Barring that, could I turn these responses off, since they aren't getting past my modem/router? Or is that something I shouldn't do?

Thanks,
John
