LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-19-2017, 02:57 PM   #1
kudsu
Member
 
Registered: Apr 2017
Location: from LA
Distribution: Slackware and anything
Posts: 50

Rep: Reputation: Disabled
Ping Question


If the Internet companies were able to ping internet users before they sent packets to a connection. If they didn't get a hit they would just drop the call. Wouldn't it greatly improve security? I know in Russia they block all udp.
 
Old 04-19-2017, 05:18 PM   #2
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,609
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
Usually there is no need to do such a thing. Most connections use TCP/IP "sockets" which are bi-directional and persistent. Once the socket has been established, there's no further verification required before sending traffic through it.

"Russia" certainly does not "block all UDP," and even "the Great Firewall of China™" has holes in it.

None of this has anything to do with security. The only way to provide security for a TCP/IP or UDP connection is to encrypt the traffic.

"Ping" (ICMP ECHO ...) is simply a very lightweight way to see if an IP-address is occupied ... i-f the computer in question is programmed to respond to it.

Last edited by sundialsvcs; 04-19-2017 at 05:22 PM.
 
Old 04-20-2017, 12:52 PM   #3
ilesterg
Member
 
Registered: Jul 2012
Location: München
Distribution: Debian, CentOS/RHEL
Posts: 587

Rep: Reputation: 72
Also because most internet users are behind a NAT, so the only info the "internet company" has is the socket which is on the tcp session.
 
Old 04-20-2017, 03:59 PM   #4
kudsu
Member
 
Registered: Apr 2017
Location: from LA
Distribution: Slackware and anything
Posts: 50

Original Poster
Rep: Reputation: Disabled
ok answer me this

Does the IP header contain the source address? In what protocal is it dropped?
 
Old 04-22-2017, 05:10 AM   #5
ilesterg
Member
 
Registered: Jul 2012
Location: München
Distribution: Debian, CentOS/RHEL
Posts: 587

Rep: Reputation: 72
Quote:
Originally Posted by kudsu View Post
Does the IP header contain the source address? In what protocal is it dropped?
A simple "ipv4 header format" search will give that information.
 
Old 04-22-2017, 09:59 AM   #6
kudsu
Member
 
Registered: Apr 2017
Location: from LA
Distribution: Slackware and anything
Posts: 50

Original Poster
Rep: Reputation: Disabled
IP4 Header diagram

As we all know a ip4 header diagram contains both source and destination address. Ping only works on a valid ip address. If it is fake it doesn't go through. Ping may be trivial but it does work. A local switch could be programmed to ping all packets on arrival and drop any invalid? If this doesn't work how could it work?
 
Old 04-22-2017, 12:21 PM   #7
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053
Quote:
Originally Posted by kudsu View Post
As we all know
i didn't know that. please don't speak on my behalf.
 
1 members found this post helpful.
Old 04-22-2017, 12:55 PM   #8
kudsu
Member
 
Registered: Apr 2017
Location: from LA
Distribution: Slackware and anything
Posts: 50

Original Poster
Rep: Reputation: Disabled
Question correction

Quote:
Originally Posted by ondoho View Post
i didn't know that. please don't speak on my behalf.
Ondoho doesn't know about datagrams but some people do.

This still doesn't tell me why using ping wouldn't work.
 
Old 04-23-2017, 05:43 AM   #9
Jjanel
Member
 
Registered: Jun 2016
Distribution: any&all, in VBox; Ol'UnixCLI; NO GUI resources
Posts: 999
Blog Entries: 12

Rep: Reputation: 363Reputation: 363Reputation: 363Reputation: 363
Interesting 'study'. I'm guessing NAT is a key piece, where 'many' IP are 192.168.1.2
I was trying to come up with 'good' web-research keywords, but I hit this tangent via:
use ping to verify valid nat source IP bogus|spoof
Can anyone advise on a better web-research ...? Thanks!
p.s. packet filtering ? http://wpollock.com/AUnixSec/IptablesOverview.htm

Last edited by Jjanel; 04-23-2017 at 05:47 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange Ping Issue - Can't ping localhost but can ping others on LAN code_slinger Linux - Networking 15 03-30-2015 02:39 PM
I cannot ping with command 'ping IP' address but can ping with 'ping IP -I eth0' sanketmlad Linux - Networking 2 07-15-2011 05:32 AM
Simple question about command syntax ping/log ping results ohalnet Linux - Networking 1 07-25-2006 04:46 AM
Ping question a5an0 Linux - Networking 5 05-09-2005 09:54 PM
Ping question mikeshn Linux - Networking 2 06-01-2003 07:42 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration