lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <slrnkbtfgm.us1.narkewoody@zuhnb712.local.com>
Date:	Wed, 5 Dec 2012 03:24:00 +0000 (UTC)
From:	Woody Wu <narkewoody@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: Re: Why a host not ping-able?

On 2012-12-04, Rob Landley <rob@...dley.net> wrote:
> On 12/04/2012 12:17:25 AM, Woody Wu wrote:
>> Hi, list
>> 
>> I am not sure this has something with kernel.
>
> It doesn't.
>
>> But the system I just
>> generated cannot be reached from ping.  It can ping outside, but if I
>> ping it from outside, I just get "Destination Host Unreachable".
>
> Some distributions' default firewall rules respond to icmp packets with  
> a host unreachable packet. This is a system/network administration  
> thing (iptables) and nothing to do with kernel development.
>
>> I think there is not firewall in between,
>
> There's a firewall  built into linux, read the man page for the  
> "iptables" command. The "iptables-save" command dumps your entire  
> current ruleset to stdout so you can see what's in there. (You might  
> have to run it as root, I forget.)
>
> https://help.ubuntu.com/community/IptablesHowTo
>

This 'distribution' I am running is a tailor linux 3.4.19 on an embedded
system (Samsung S3C2410).  Because this is a very small system, I
believe I did not add any ip-table options in the kernel. And, I did not
install any user space firware packet for it.  So maybe this is really a
firewall play in between.

Now I run tcpdump on the target system with 'tcpdump -i eth0'. Then when
I ping it from another Linux box, I see nothing from the tcpdump output.
Does this confirm there is a firewall blocked the ping packets?

Thanks in advance.


-- 
woody
I can't go back to yesterday - because I was a different person then.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ