PDA

View Full Version : What does "Pinged" mean ?



Chasing Caseys
07-11-2005, 9:30 PM
When my Norton ran out i didnt have time to go get the update ( and no convenient place had it in stock) so i now use McAfee downloaded from aol which is good but it unlike Norton gives me practically all info on the activity of who has attempted an unsolicited access to my pc which is quite scary but they do give explanations and most are harmless - something to do with the web sites we visit ? But today after i did a firewall check this appeared

A computer at ACBF4DB5.ipt.aol.com has pinged your computer.

Now im worried as there was no explanation of this one :confused:

Does anyone know what this means. I have blocked all attempts found so far.Also i did put this address in the search box but nothing came up for it not even on virus sites.

Dennis Harker
07-11-2005, 9:55 PM
There is a utility on Windows (and probably other programs) to check out your internet connection, ISP, etc. by 'pinging' a known address. For instance I could start this little utility on my PC and ask it to ping Google. The program would send a few small bytes (in packets) to the servers at Google and record how long it takes and whether the packets were all sent and received correctly. This utility would then display this information for me. It is often used to help diagnose connection problems.

What has happened here is that a PC at address ACBF4DB5.ipt.aol.com has 'pinged' your computer to see what the connection is like. If you are a subscriber to aol then this is probably harmless as your ISP server will check from time to time how the connection is. If you are not on aol then it might be more suspect.

Neil Wilson
07-11-2005, 10:28 PM
You could always check with AOL helpdesk whether this activity is normal from their servers to an AOL user. You need the tell them exactly what you quoted here and which version of McAfee you are using. You could be lucky and get a reply explaining that has happened.
|computer|

Chasing Caseys
07-11-2005, 11:05 PM
Hi Dennis

Thanks for the explanation i am more at ease now and i am on aol so...

Hi Neil

Are you on aol and ever used thier "live help" !! They take you all round the workings of your computer everytime and appologies made after every sentace which drives me nuts and i have yet to spend less than 45 minutes resolving an issue. I cut and paste my conversations with them and one day may publish something called Aggravating Oral Language !!

Dennis Harker
08-11-2005, 1:02 AM
Tracey,

I've had time to do a bit of searching around on the web and have come up with the following link

http://www.senderbase.org/search?searchString=ACBF4DB5.ipt.aol.com+

If you go to that page you will see that it is one of the monitoring companies that keep an eye on all addresses, IP numbers, etc. Interestingly the one that pinged you has all 'unknowns' against it even though it is recognised as belonging to the aol domain.

Checking other IP numbers usually comes up with the owner, location, etc. In this case there is nothing so I would treat the pinging with some caution. Sounds like McAfee is doing its job and being over-efficient in letting you know everything. A lot of firewalls just do the job of stopping these without telling you.

I have also checked against some of the spam/spyware databases and there is nothing listed for this address. Therefore, it could still be aol checking the connection with a device that is not registered. I would still let McAfee keep blocking it though.

Ken Boyce
08-11-2005, 3:41 AM
Pinging is a technique somewhat like radar or underwater sonar whereby a signal is initiated from a sender device and the time interval is measured to receive an echo from some remote device (ping - ping - ping hence the term pinging).

In the world of the internet the sending computer sends a signal over the internet to a remote computer and askes it to send a signal back. The sending computer can then determine if the remote computer is online and the characteristics of the internet route between them.

Regards

Neil Wilson
08-11-2005, 8:03 PM
Hi Neil

Are you on aol and ever used thier "live help" !! They take you all round the workings of your computer everytime and appologies made after every sentace which drives me nuts and i have yet to spend less than 45 minutes resolving an issue. I cut and paste my conversations with them and one day may publish something called Aggravating Oral Language !!
Hi Tracey
I am not on AOL, but BT Yahoo, their tech help is OK, especially the instant messaging system, they really know their stuff. Bbut their administration is ********** They have admitted to billing me twice, but keep on losing the paperwork to refund me|rant|

coenmfam
09-11-2005, 2:31 PM
Tracy

Did your firewall tell what kind of "ping" it was ?

There are a few different kinds of pings
some harmless, some not so harmless

Was it just one or two from this address
or was there many repeated pings.

Neville

Chasing Caseys
09-11-2005, 2:40 PM
Hi Neville

There was no "information" reguarding the other pings. A computer at ACBF4DB5.ipt.aol.com has pinged your computer was the most information attached to one. But i am wondering now as i have blocked those pings if they are the reason i cant get onto one particular web link ?

Chasing Caseys
09-11-2005, 2:42 PM
The IP 11 digit id was there and tried looking for them but found nothing

coenmfam
10-11-2005, 1:30 AM
Tracey

( posted in 3 parts )

Part 1
I dont know how much info your firewall gives you

The things to watch for are
ICMP pings
IGMP Packets
( if your firewall identifies them )

However if you go to
https://www.grc.com/x/ne.dll?bh0bkyd2
they will test your firewall
( by pinging it )
and take you to a page to display the results

* on the first page it will tell you your IP address and a little about security
>>> read this carefully <<< , if you are new to all this

* click on proceed
*Now click on the button called "File Sharing"
this will test the security of your computers file sharing ability
This is the message you should get
--------------------------------------------------------------------------
Attempting connection to your computer. . .
Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet!
Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
--------------------------------------------------------------------------


end of part 1

coenmfam
10-11-2005, 1:31 AM
Part 2
* Now click on the button "All Service Ports"
The next screen will be a big grid of hopefully green squares
but dont worry if true stealth fails

as one port will normally be open
>>>> Have a very good read of this page<<<<

This may the cause .....
here is the message you may get
--------------------------------------------------------------------------
The IDENT protocol's port 113 is quite problematical more ports on this system are operatingALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.


End of part 2
Nev

coenmfam
10-11-2005, 1:32 AM
Part 3

* click on the text summary
this is the message I got
---------------------------------------------------------------------------------------
GRC Port Authority Report created on UTC: 2005-11-09 at 23:32:18

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

----------------------------------------------------------------------------------------

This tells me that although all my ports are closed, one of them is replying to the pings from the testing site at Shields-UP, this is not particularly serious.

Basically as long as your grid was all green, you should be safe from attack.
I hope this helps
regards
Neville

Chasing Caseys
10-11-2005, 10:33 PM
Hello Neville

I would be so impressed if you typed all that out !

I get the ICMP pings message

Will have to go over this thoroughly tomorrow. - i just dont understand why the virsus companies concerned doent have a proper understandable answer in their faq,s for most of us that dont speak I.T.

Huge thanks.

Tracey

coenmfam
11-11-2005, 1:14 PM
I always explain internet traffic like this

imagine every piece of data is like a letter with a "TO" address and a "FROM" address and in the letter : the data or information

Now imagine your computer is your home but instead of one letter box you have about 65,000 letter boxes but most of the time only the first 2 - 3 ,000 are used these letter boxes are called "ports"

so when a particular programme, like Internet Explorer uses the internet it sends "mail" and receives "mail" from a particular port this mail is called "packets" A different programme like "Firefox" ( which is another Internet Browser ) may probably use a different port to send and receive "packets"

A firewall : restricts access to and from your mailboxes ( ports ) so that you can control which programmes can access the internet and what ports the internet can access at your computer, a bit like having a guard dog chained to your mail box trained to bite the postman if unwanted mail arrives or tries to leave

Very very naughty people, properly called "crackers" ( not "hackers" ) use programmes that send little packets ( called pings ) that basically say Hello ! is there anyone home at this address and at this port ? So their programme sends lots of little packets looking for replies. IF they get a reply, they know that port (s) on that computer is accessible to their nefarious & dastardly intentions

If they are a "script-kiddie" ( read : idiot who doesnt really know what they are doing ) then that is where the story usually ends, unfortunately there are people who really do know what they are doing .... and they can do all sorts of wicked and very naughty things Like install a porn server on your computer ( very very naughty porn ) Or in the case of ( I think ) - British Airways install an internet dating agency without the knowledge of the computer owner

Sometimes a virus will very sneakily disable your firewall and anti-virus so that it pretends to be running and then contact the author of the virus so that despicable person can do the above mentioned naughty things to your computer

The moral of the story Have an effective and up-to-date anti-virus. Have an effective firewall. Also software like "Ad-aware" and "Spybot - search & destroy" both of which are freebies can help protect your computer

hope this helps
Neville