| Tracert question. I've run a bunch of tracert searches and they all end with about ten "Request timed out" replied then "Destination net unreachable". Yet I can reach all of them in my browser including this one. I've been testing because it appears videos show up in forums with a long delay.
Any ideas? |
|
bdnhsv
join:2012-01-20
Huntsville, AL | traceroute uses ICMP echo requests and some people configure their gear to ignore those requests. The site will still work but won't reply to ping or traceroute requests. |
|
 WutanGPremium
join:2001-12-12
Seaford, DE | reply to hagbard72
Some sites and backbone routers don't respond to icmp pings and won't send anything back. Where in the traceroute does it say that, pic would help explain.
a specific traceroute of the instance you're talking about would help greatly.
what he said ^ |
|
| reply to hagbard72
What ^ they said.
In addition, most ISP and backbone routers that normally respond to ICMP requests are configured to ignore them during times of high traffic. Also once a backbone hands your traffic off to the actual ISP the host is on, often you'll fairly quickly hit a router that blocks all ICMP requests. |
|
|
|
| reply to bdnhsv
I never understand what people expect to accomplish by blocking ICMP. There are plenty of other more effective ways to bring a server down than pinging it to death. |
|
| Why support unneeded traffic? |
|
| Why make it a pain in the ass to trouble shoot? Just limit ICMP so it can't use more than 1-2% of the pipe. That keeps the big bad boogie man away. |
|
| We limit ours to 0%...that keeps everyone away |
|
| That's like turning the outside lights on your house out thinking that will keep people from breaking in. |
|
| reply to battleop
said by battleop:I never understand what people expect to accomplish by blocking ICMP. There are plenty of other more effective ways to bring a server down than pinging it to death.
ICMP can be used as a covert communications channel.
--
Certs: CCNA, GPEN, GCIH, GCFW, GSEC, GCIA, GCFA, GCWN |
|
bdnhsv
join:2012-01-20
Huntsville, AL | I've never thought about that but the headers are the same as other traffic so stego could be employed. My question would be why would someone use ICMP for this? You have the point of origin and the device being pinged (and all the hops in between). Would the set up be to allow communication between the 2 ends or is the thought that someone will intercept the packets in between? |
|
JTY
join:2004-05-29
Ellensburg, WA | reply to battleop
said by battleop:I never understand what people expect to accomplish by blocking ICMP. There are plenty of other more effective ways to bring a server down than pinging it to death.
It's done to limit the amount of load on a routers control plane. Pretty much all service provider or carrier class routers do their forwarding in hardware, but replying to things like ICMP are done on the main CPU. And, that main CPU has more important tasks like maintaining BGP sessions, as opposed to replying to ICMP. |
|
| That's great, now back to my statement about bringing a server down and not a router..... |
|
