|
Home > Archive > alt.certification.mcse > December 2003 > TCP/IP and ping
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Terry Blomberg 2003-12-04, 10:26 pm |
| I started working on Windows 2000 MCSE course. I have made it to the point
where they go over TCP/IP and the utilities that are used for
troubleshooting. Is it possible for an ISP provider to stop ping and
tracert from going thru thier server. When I use either ping or tracert I
can get a response from internal network and the router and the cable modem.
Everything beyond that is either a complete packet loss or request timed
out. The last I knew operating systems had no control over response the
network card would just reply. I tried to ping the server at work , my
internet providor and msn.com and all fail after the cable modem. I have
internet and can get my email from work remotely and can go to the msn
homepage. Can someone explain this?
| |
| Gordon Findlay 2003-12-04, 11:25 pm |
| Crertainly ping and tracert can be blocked - for example at a
firewall. Firewalls are configured to let through only the packets
that the ISP (for example) thinks should be passed.
They often are: ping to avoid the possibility of a Denial of Service
attack; tracert with less justification.
Slainte
Gordon
On Thu, 4 Dec 2003 21:35:07 -0500, "Terry Blomberg"
<tblomberg@charter.net> wrote:
>I started working on Windows 2000 MCSE course. I have made it to the point
>where they go over TCP/IP and the utilities that are used for
>troubleshooting. Is it possible for an ISP provider to stop ping and
>tracert from going thru thier server. When I use either ping or tracert I
>can get a response from internal network and the router and the cable modem.
>Everything beyond that is either a complete packet loss or request timed
>out. The last I knew operating systems had no control over response the
>network card would just reply. I tried to ping the server at work , my
>internet providor and msn.com and all fail after the cable modem. I have
>internet and can get my email from work remotely and can go to the msn
>homepage. Can someone explain this?
>
| |
| Terry Blomberg 2003-12-04, 11:25 pm |
| With this being the case it would be difficult to troubleshoot a network
problem from behind one of these servers to the internet in my case. I say
this because without ping or tracert how can you check if the problem is on
your end or if the server is down. This seems like a move that can be
counter productive to anyone behind a server running this way even though as
you put it it does stop denial of service attack therefore protecting thier
network. If all server owners on the internet did this wouldn't it make it
difficult to check much of anything besides either it works great or to bad
it does not. This seems to me to be counter productive in the long run even
though it does have its place.
"Gordon Findlay" <gordonf@xtra.co.nz> wrote in message
news:t3uvsvc8os38gj1lnu0d990l6
noehcsq59@4ax.com...
> Crertainly ping and tracert can be blocked - for example at a
> firewall. Firewalls are configured to let through only the packets
> that the ISP (for example) thinks should be passed.
>
> They often are: ping to avoid the possibility of a Denial of Service
> attack; tracert with less justification.
>
> Slainte
> Gordon
>
> On Thu, 4 Dec 2003 21:35:07 -0500, "Terry Blomberg"
> <tblomberg@charter.net> wrote:
>
point[color=blue]
I[color=blue]
modem.[color=blue]
>
| |
| MCSE World 2003-12-05, 8:25 am |
| You are right. The real problem is that there is no real reason to do this
except at your own firewall. Case in point, Microsoft started blocking ICMP
packets some time against their firewalls to prevent just these sort of
attacks. That, however, is no reason for ISPs to start doing it to their
own customers...but then again, it's the brave new (and over-reacting
Internet) these days.
Best,
Will
www.mcseworld.com
"Terry Blomberg" <tblomberg@charter.net> wrote in message
news:vsvvcfg16fug50@corp.supernews.com...
> With this being the case it would be difficult to troubleshoot a network
> problem from behind one of these servers to the internet in my case. I
say
> this because without ping or tracert how can you check if the problem is
on
> your end or if the server is down. This seems like a move that can be
> counter productive to anyone behind a server running this way even though
as
> you put it it does stop denial of service attack therefore protecting
thier
> network. If all server owners on the internet did this wouldn't it make
it
> difficult to check much of anything besides either it works great or to
bad
> it does not. This seems to me to be counter productive in the long run
even
> though it does have its place.
>
>
> "Gordon Findlay" <gordonf@xtra.co.nz> wrote in message
> news:t3uvsvc8os38gj1lnu0d990l6
noehcsq59@4ax.com...
> point
tracert[color=blue]
> I
> modem.
timed[color=blue]
the[color=blue]
have[color=blue]
>
>
|
|
|
|
|