|
![](/i/fill.gif) |
On 9/1/2013 9:02 PM, Jim Henderson wrote:
> On Sun, 01 Sep 2013 19:54:21 -0700, Patrick Elliott wrote:
>
>>> Haven't run into that one.
>>>
>> Well. It was, in my case, an attempt to get around the stupid decision
>> of my neighbors ISP to block control packets on their modems, so that,
>> when there was a problem, you couldn't use tracert, or ping, to check if
>> the problem was some place in their network, or if the modem needed to
>> be powered down, and back on, or something. So, I tried, instead, on my
>> own machine, to run one that generates the same thing, using regular
>> TCP/IP. But, since the packets where set to have odd timeouts, and
>> contain very little actually "data", the new safeguards flagged them as
>> possible DOS traffic, and simply killed them, without ever sending them.
>
> Sounds like ISP interference to me rather than the OS, though.
>
But, its not. There are a fair number of servers that, for security
reasons, may disable the control packets, including routers in the
primary backbones of the internet (or alternate paths). This means that
tracing a problem, even in your own network, never mind someone else's,
either nearly, or totally, impossible, using the normal methods. The
TCP/IP solution was specifically developed to a) do the same thing if
you can't/don't want to, disable the blocks on those functions, b) get
around issues, such as alternate routing, where you are still blocked
from access, but you can't work out why, etc. Control packets are not
"necessary" for normal operation of a network. Its not unknown, since
there are some things you can do with them, other than route tracing,
and pings, for them to be disabled, but.. its like closing a port, in a
sense, if you can't talk to past what ever is blocking it, short of
having, say, some way to proxy it, you can't use it at all, any more
than you can talk to the port that has been closed.
So, yeah, its definitely the ISP's fault, in a sense, but.. again, this
is just two commands that I am talking about. There are entirely test
tools that rely on the ability to do semi-abnormal things, to get
various kinds of information, not just from the internet in general, but
just from your own network, and literally the **entire** toolset is
broken, beyond use, because the sloppy "protection" in Windows can't
tell legit testing suites from actually invalid traffic, and just
handles them all, arbitrarily as though they are threats.
Post a reply to this message
|
![](/i/fill.gif) |