What is this firewall alert ICMP protocol problem

I have recently put together a new PC with WinXP Home SP2 (I was previously using Win98SE).

On both the new and the old machine, I use a Linksys BEFSR11 router with the same configurations on both machines. I also use Zone Alarm free V5.5.062.004

With my old Win98 machine, I never had any incoming alerts. The router seemed to have blocked everything. Effectively the ZA was checking outgoing traffic.

With the WinXP machine, however, I am getting quite a few alerts - mostly to do with the following alert:

Rating : medium Protocol : ICMP (type:3/subtype:2) Source : 192.168.1.1 Destination : 192.168.1.100 Direction : incoming

The description states that a packet was sent but the ICMP was unreachable and (presumably the return) was blocked.

I never got this with Win98. Is this something to do with WinXP, or is there another problem. I know from ZA that this is not really a problem as the firewall blocked it anyway, I would just like to know why I am getting it and if I can stop it. It talks about something on local networks that can cause it, but I am the only PC on the router and I have no network.

Thanks for any advice you can provide

Martin

Reply to
Martin C
Loading thread data ...

Look man, 192.168.1.1 is the device IP of the router. The router wants to communicate with the machine or machines connected to its LAN ports. You should configure the personal FW/personal host based packet filter to stop complaining about nothing.

Duane :)

Reply to
Duane Arnold

Thanks for the very quick reply. I was aware that the IP address of the router was the one being mentioned. I was just more intrigued as to why it was complaining with the XP installation, yet I received absolutely nothing when it was connected to the Win98 machine. I knew that it was not really a problem, just was interested in the difference.

Martin

"Duane Arnold"

Reply to
Martin C

The router is doing a discovery of machines on its LAN ports by sending ICMP packets to them.

What ICMP packets it's sending, I don't know particularly but it's sending them.

The PFW on the Win98 machine if it had one was configured to ignore ICMP I guess.

The one your using on the XP machine is configured to not let it pass and you should let it pass.

Duane :)

Reply to
Duane Arnold

ICMP Destination Protocol Unreachable messages. These messages indicate that the router doesn't support the requested protocol. You may be running non-IP protocols on your network that your router doesn't support (IPX/SPX possibly).

If everything works for you, I wouldn't worry about it too much.

Hope that helps.

Reply to
Al

Maybe.

I doubt that.

Ridiculous. Drop Zone Alarm, you just don't need it.

Yours, VB.

Reply to
Volker Birk

192.168.1.100 sent a packet "somewhere" that was not acceptable to host 192.168.1.1, which is complaining that it's an unsupported protocol. The "normal" protocols used on IP are "ICMP", "TCP" and "UDP". Your system may know one or two others, such as "IGMP" (a control protocol associated with Multicast - or steaming audio/video) or a routing protocol such as IGP. However, there are 140 different protocols that may be found in an IP packet.

Yes, most consumer grade firewalls provide very little useful information.

Find out what garbage 192.168.1.100 is sticking on the wire that is making

192.168.1.1 unhappy. A packet sniffer such as Ethereal may provide the answer.

Old guy

Reply to
Moe Trin

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.