safe to allow IGMP?

zorank · July 7, 2006, 5:22am

Is it safe to allow IGMP inbound connection?

I noticed in the log that I received this request frequently from one of the local machines…

Zoran

egemen · July 7, 2006, 7:26am

I would not allow it unless it is necessary.

zorank · July 10, 2006, 1:33am

Many thanks for info. I will keep it out. / Zoran

m0ng0d · July 10, 2006, 8:59pm

@ egemen

but as Zoran indicated, if it’s mainly occuring from within the LAN, what harm could come from adding a rule that allows it for LAN Zone only?

could/would the rule be based on what you have previously posted @ [url]https://forums.comodo.com/index.php/topic,626.msg3865.html#msg3865[/url] ?

I’ll admit that I may be taking what you posted there out of context.

egemen · July 11, 2006, 2:03am

Hi,

It is not about being harmful but about being needed. I mean why would you need to bother your TCP/IP stack if your pc does not need to receive IGMP? Nothing harmful indeed. Just abut traffic shaping.

Egemen

zorank · July 11, 2006, 2:20am

Thanks Gents!

So it is not dnagerous…meaning nobody can use this to get into my computer?

Zoran

m0ng0d · July 11, 2006, 5:20am

whoa… traffic shaping… If i stick in this thread too long, I fear a propellor growing out of my head ;D

excellent information to know!

(R)

zorank · July 11, 2006, 5:40am

Ho, ho, ho m0ng0d, do I see promotion. “Comodo Family Member”, congratulations! / Zoran

pandlouk · July 11, 2006, 7:06am

Just some information for you guys

ICMP Protocol:

The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet protocol suite. It is chiefly used by networked computers’ operating systems to send error messages—indicating, for instance, that a requested service is not available or that a host or router could not be reached.

ICMP differs in purpose from TCP and UDP in that it is usually not used directly by user network applications. One exception is the ping tool, which sends ICMP Echo Request messages (and receives Echo Response messages) to determine whether a host is reachable and how long packets take to get to and from that host.

IGMP protocol:

The Internet Group Management Protocol (IGMP) is a communications protocol used to manage the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships. It is an integral part of the IP multicast specification, like ICMP for unicast connections. IGMP is used for online video and gaming, and allows more efficient use of resources when supporting these uses. IGMP does allow some attacks, and firewalls commonly allow the user to disable it if it will not be needed.

( this information is provided from http://wikipedia.org/ )

zorank · July 11, 2006, 7:18am

Thanks! So it can be used for attacks. Thanks again. Over and out. / Zoran

m0ng0d · July 11, 2006, 7:55am

Thanx Zorank, your promotion is only 12 posts away! ;D

@ Pandlouk

I really need to start using wikipedia more… that was a great explaination. Good find. ;D