An Accepted Solution is available for this post. Jump to solution.
ICMP and Remote Administration
johnhiggins2
Enthusiast - Level 1
‎02-26-2011 10:31 AM

I (infrequently) check my router firewall logs.  Today I found the following - Accepted Remote Administration, ICMP Type 8 Code 0 217.118.90.197 > {edited for privacy} on clink 0.  I think that this is simply a PING from some hacker wannabe in Europe but am concerned that it showed up as Accepted Remote Administration.  My router security settings block remote admin but allow ICMP, which I think are the router default settings.  Should I do anything?  Thanks

Reply
1 Solution

Correct answers
An Accepted Solution is available for this post. Jump to solution.
Re: ICMP and Remote Administration
Anti-Phish1
Master - Level 1
‎02-26-2011 03:37 PM
@johnhiggins2 wrote:

I (infrequently) check my router firewall logs.  Today I found the following - Accepted Remote Administration, ICMP Type 8 Code 0 217.118.90.197 > {edited for privacy} on clink 0.  I think that this is simply a PING from some hacker wannabe in Europe but am concerned that it showed up as Accepted Remote Administration.  My router security settings block remote admin but allow ICMP, which I think are the router default settings.  Should I do anything?  Thanks

You're correct.  ICMP type 8 is indeed a ping.  Why Actiontec refers to this as "remote administration", I have no idea.

You can turn ICMP echoes off in the router to make it less visible on the internet.  If a hacker doesn't get a response to a ping, he's likely to move on to another IP address.

View solution in original post

Reply
2 Replies
An Accepted Solution is available for this post. Jump to solution.
Re: ICMP and Remote Administration
Anti-Phish1
Master - Level 1
‎02-26-2011 03:37 PM
@johnhiggins2 wrote:

I (infrequently) check my router firewall logs.  Today I found the following - Accepted Remote Administration, ICMP Type 8 Code 0 217.118.90.197 > {edited for privacy} on clink 0.  I think that this is simply a PING from some hacker wannabe in Europe but am concerned that it showed up as Accepted Remote Administration.  My router security settings block remote admin but allow ICMP, which I think are the router default settings.  Should I do anything?  Thanks

You're correct.  ICMP type 8 is indeed a ping.  Why Actiontec refers to this as "remote administration", I have no idea.

You can turn ICMP echoes off in the router to make it less visible on the internet.  If a hacker doesn't get a response to a ping, he's likely to move on to another IP address.

Reply
An Accepted Solution is available for this post. Jump to solution.
Re: ICMP and Remote Administration
johnhiggins2
Enthusiast - Level 1
‎02-26-2011 03:44 PM

Thanks

0 Likes
Reply