Snort mailing list archives

Re: [Somewhat OT] - Why would a web server ping me?


From: Frank Knobbe <fknobbe () knobbeits com>
Date: 10 Mar 2003 20:57:33 -0600

On Mon, 2003-03-10 at 16:58, Bob McDowell wrote:
What's tying me up is the icmp.  Why would a non-user ping me?  Or, in
other words, why would an automated process running on a web server
ping one of its clients?


There are various reasons for ICMP packets, such as ICMP destination
unreachables. ICMP packets are also used for PMTU discovery. Most
hardening guides recommend turning off PMTU discovery on Windows hosts
(which in my opinion sucks because the system will always use 576 byte
packets [or something like that] and cripple its performance).

Anyhow, without seeing a sample of the packets, or even just a better
description of ICMP type, code, source and destination address etc, I'm
not sure we can be of much help.

Regards,
Frank
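
Added example (not part of the original message): a small Python decoder that extracts the ICMP type, code, source and destination address from a raw IPv4 packet and flags the "fragmentation needed" message used by PMTU discovery, so it can be told apart from a ping. The function names and sample packets are constructed for illustration; checksums are not validated.

```python
import socket
import struct

# Common ICMP type/code meanings (RFC 792, RFC 1191)
ICMP_NAMES = {
    (0, 0): "echo reply",
    (8, 0): "echo request (ping)",
    (3, 1): "destination unreachable: host unreachable",
    (3, 3): "destination unreachable: port unreachable",
    (3, 4): "destination unreachable: fragmentation needed, DF set (PMTU discovery)",
    (11, 0): "time exceeded in transit",
}

def describe_icmp(packet: bytes) -> dict:
    """Decode an IPv4 packet carrying ICMP into the fields needed for triage."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IP header length in bytes
    if ihl < 20 or len(packet) < ihl + 8:
        raise ValueError("truncated packet")
    if packet[9] != 1:                    # IP protocol number 1 = ICMP
        raise ValueError("IP protocol is not ICMP")
    icmp_type, code = packet[ihl], packet[ihl + 1]
    info = {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "type": icmp_type,
        "code": code,
        "meaning": ICMP_NAMES.get((icmp_type, code), "other"),
    }
    if (icmp_type, code) == (3, 4):
        # RFC 1191: next-hop MTU sits in bytes 6-7 of the ICMP header
        info["next_hop_mtu"] = struct.unpack("!H", packet[ihl + 6:ihl + 8])[0]
    return info

def build_sample(src, dst, icmp_type, code, rest=b"\x00\x00\x00\x00"):
    """Constructed test packet: 20-byte IP header plus 8-byte ICMP header."""
    icmp = bytes([icmp_type, code, 0, 0]) + rest
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0x4000, 64, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + icmp

# Constructed samples using documentation addresses (RFC 5737)
PING = build_sample("192.0.2.10", "198.51.100.7", 8, 0)
FRAG_NEEDED = build_sample("192.0.2.10", "198.51.100.7", 3, 4, struct.pack("!HH", 0, 1400))
```
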
