Re: ICMP in firewall log from root-servers: msg#00325

> I have been noticing a recent trend in my log files.
> 
> For example:
> 193.0.14.200
> 192.203.230.250
> ICMP<8:0>|default policy: BLOCKED
> 
>  From what I can tell these are ROOT servers if I am right.

        No.  They are not root servers.  However they are machines that
        are used to measure stuff associated with the root servers.
        See caida.org for details.

> My firewall does not allow ANY incoming ICMP 8:0...

        Well then you should not allow out ANY IP packets at all.
        ICMP is a essential part of IP and is not a component that
        can be just turned off without negative consequences.
 
> Should this be allowed?
> Anyone else noticing any thing like this all of a sudden??
> 
> -- 
> J.D. Bronson
> Aurora Health Care // Information Systems // Milwaukee, WI USA
> Office: 414.978.8282 // Fax: 414.328.8282 // Pager: 414.603.8282

        
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@xxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Secure Bind Template, Ketil Froyn
Next by Date:	FreeBSD + BIND + MultiProc, Gilberto Buentello Ontiveros
Previous by Thread:	ICMP in firewall log from root-servers, J.D. Bronson
Next by Thread:	Re: Secure Bind Template, Ketil Froyn
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Secure Bind Template, Ketil Froyn

Next by Date:

FreeBSD + BIND + MultiProc, Gilberto Buentello Ontiveros

Previous by Thread:

ICMP in firewall log from root-servers, J.D. Bronson

Next by Thread:

Re: Secure Bind Template, Ketil Froyn

Indexes:

[Date] [Thread] [Top] [All Lists]