ICMP / UDP Packets ?

ICMP / UDP Packets ?

Post by Paulo Pereir » Fri, 07 Dec 2001 07:11:03



Hi, I'm quite new to this personal firewall thing and would like some
information from you experts :-)

I installed the Tiny Personal Firewall and used it for a few days.
When I establish a new internet dial-up modem connection, tiny
firewall alerts me that some application wants to send ICMP packet
(usually tcpkernel.exe) / or UDP-datagram (usually Maapp.exe) to some
server and vive-versa.

Can someone explain to me in simple words what ICMP packets and
UDP-datagrams are? What is their function? Are they vital or at least
useful for some purpose?

I recogn this is some sort of normal dialogue between the server I
dial in and my computer and nothing bad.
I didn't notice any connection problems after setting Tiny Firewall to
not allow any exchange of ICMP / UDP, so I wonder, what they are for.
Should I permit them or not?

Sorry for my bad English :-)

Paulo Pereira

 
 
 

ICMP / UDP Packets ?

Post by Chris Clark » Fri, 07 Dec 2001 09:24:27


Hi, I'm no expert myself, but here's a good link I picked up along the
way...  There are quite a few tips for setting up rules in TPF, which I
found most useful.

http://www.tpffaq.com/cgi-bin/faqmanager.cgi

Ha! I just checked and that link currently isn't working for me :( so you
could also try this one for now:

http://www.legolas.ca:8080/sec2.html

Hope this helps.

--
Chris Clarke

 
 
 

ICMP / UDP Packets ?

Post by Shau » Fri, 07 Dec 2001 15:02:50


On Wed, 05 Dec 2001 23:11:03 +0100, Paulo Pereira


>Can someone explain to me in simple words what ICMP packets and
>UDP-datagrams are? What is their function? Are they vital or at least
>useful for some purpose?

ICMP and UDP are protocols, much like TCP/IP is a protocol. TCP/IP is
the most common network protocol, and is used by most internet
programs. UDP is sort of like TCP/IP, except it's "connectionless" and
offers less in the way of error correction; a lot of network games use
UDP. Think of ICMP as more of a network debugging protocol; it's
mostly used to do things like pings and traceroutes.

Neither are vital for the average user, unless you happen to play
network games.

Quote:>I recogn this is some sort of normal dialogue between the server I
>dial in and my computer and nothing bad.

This is most likely the case. mmapp.exe is a component of DUN, so it
sounds like connection negotiation. I don't know what the UDP
datagrams are doing, but the ICMP packets are probably being used to
make sure that your connection is up.

Quote:>Sorry for my bad English :-)

Don't be, your English is better than that of most native speakers!

Shaun

--

#include <std_disclaimer>

 
 
 

ICMP / UDP Packets ?

Post by Bryan Dawso » Fri, 07 Dec 2001 23:10:50


ICMP is used for normal operation of an IP network.  It is also used for
network troubleshooting.  ICMP performs more that ECHO and ECHO REPLY
(Pings) it is used for items such as redirects.

UDP is used by many applications and is a vital part of operation.  An
example of this is name resolution.  When visit a site through your
browser such as www.someplaceontheInternet.com, the name is resolved to
an IP address via a name server.  The name resolution, for DNS, uses UDP
port 53 to travel from your computer to the DNS server.  This is only
one example of the use of UDP and there are many.

Hopefully this has shed some light on the topic.

Bryan Dawson


> On Wed, 05 Dec 2001 23:11:03 +0100, Paulo Pereira

>>Can someone explain to me in simple words what ICMP packets and
>>UDP-datagrams are? What is their function? Are they vital or at least
>>useful for some purpose?

> ICMP and UDP are protocols, much like TCP/IP is a protocol. TCP/IP is
> the most common network protocol, and is used by most internet
> programs. UDP is sort of like TCP/IP, except it's "connectionless" and
> offers less in the way of error correction; a lot of network games use
> UDP. Think of ICMP as more of a network debugging protocol; it's
> mostly used to do things like pings and traceroutes.

> Neither are vital for the average user, unless you happen to play
> network games.

>>I recogn this is some sort of normal dialogue between the server I
>>dial in and my computer and nothing bad.

> This is most likely the case. mmapp.exe is a component of DUN, so it
> sounds like connection negotiation. I don't know what the UDP
> datagrams are doing, but the ICMP packets are probably being used to
> make sure that your connection is up.

>>Sorry for my bad English :-)

> Don't be, your English is better than that of most native speakers!

> Shaun

> --

> #include <std_disclaimer>

 
 
 

ICMP / UDP Packets ?

Post by Paulo Pereir » Sat, 08 Dec 2001 01:37:09




Quote:>ICMP is used for normal operation of an IP network.  It is also used for
>network troubleshooting.  ICMP performs more that ECHO and ECHO REPLY
>(Pings) it is used for items such as redirects.

>UDP is used by many applications and is a vital part of operation.  An
>example of this is name resolution.  When visit a site through your
>browser such as www.someplaceontheInternet.com, the name is resolved to
>an IP address via a name server.  The name resolution, for DNS, uses UDP
>port 53 to travel from your computer to the DNS server.  This is only
>one example of the use of UDP and there are many.

Thanks for the explanations.

If I get that right, than I should allow all ICMP and UDP traffic,
because it can't be misused apart from port-scanning?

Paulo Pereira

 
 
 

ICMP / UDP Packets ?

Post by k9to » Tue, 11 Dec 2001 16:42:42


ICMP is used for valuable information routing information available, it
only fulfills that function for local networks, not for propagating
routing information across gateways and to remorte networks.
fire

> ICMP is used for normal operation of an IP network.  It is also used for
> network troubleshooting.  ICMP performs more that ECHO and ECHO REPLY
> (Pings) it is used for items such as redirects.

> UDP is used by many applications and is a vital part of operation.  An
> example of this is name resolution.  When visit a site through your
> browser such as www.someplaceontheInternet.com, the name is resolved to
> an IP address via a name server.  The name resolution, for DNS, uses UDP
> port 53 to travel from your computer to the DNS server.  This is only
> one example of the use of UDP and there are many.

> Hopefully this has shed some light on the topic.

> Bryan Dawson


> > On Wed, 05 Dec 2001 23:11:03 +0100, Paulo Pereira

> >>Can someone explain to me in simple words what ICMP packets and
> >>UDP-datagrams are? What is their function? Are they vital or at least
> >>useful for some purpose?

> > ICMP and UDP are protocols, much like TCP/IP is a protocol. TCP/IP is
> > the most common network protocol, and is used by most internet
> > programs. UDP is sort of like TCP/IP, except it's "connectionless" and
> > offers less in the way of error correction; a lot of network games use
> > UDP. Think of ICMP as more of a network debugging protocol; it's
> > mostly used to do things like pings and traceroutes.

> > Neither are vital for the average user, unless you happen to play
> > network games.

> >>I recogn this is some sort of normal dialogue between the server I
> >>dial in and my computer and nothing bad.

> > This is most likely the case. mmapp.exe is a component of DUN, so it
> > sounds like connection negotiation. I don't know what the UDP
> > datagrams are doing, but the ICMP packets are probably being used to
> > make sure that your connection is up.

> >>Sorry for my bad English :-)

> > Don't be, your English is better than that of most native speakers!

> > Shaun

> > --

> > #include <std_disclaimer>