Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Return ICMP port unreachable on nonlistening socket

microsoft.public.windows.vista.security






Speedup My PC
Reply
  #1 (permalink)  
Old 11-12-2009
Petr Pisar
 

Posts: n/a
Return ICMP port unreachable on nonlistening socket
Hello,

common TCP/IP implemetations return ICMP port unreachable error packet
when somobody send packet to port where no server is listening. This was
true even in Windows XP.

However Windows Vista Business SP2 behaves differently. It drops the
packet silently even if given port is allowed for incoming communication
in Advanced firewall settings. (And yes, I'm pretty sure it's really
allowed because in the pfirewall log is not message about dropping.)

I guess this is yet another Windows feature trying to smarter and more
secure than user.

Does anybody know how to get classic behaviour back?

-- Petr
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 11-12-2009
Mr. Arnold
 

Posts: n/a
Re: Return ICMP port unreachable on nonlistening socket
Petr Pisar wrote:
> Hello,
>
> common TCP/IP implemetations return ICMP port unreachable error packet
> when somobody send packet to port where no server is listening. This was
> true even in Windows XP.
>
> However Windows Vista Business SP2 behaves differently. It drops the
> packet silently even if given port is allowed for incoming communication
> in Advanced firewall settings. (And yes, I'm pretty sure it's really
> allowed because in the pfirewall log is not message about dropping.)
>
> I guess this is yet another Windows feature trying to smarter and more
> secure than user.



Maybe, IPsec is enabled on the machine with a policy to block ICMP. A
drop message by the FW wouldn't be logged, as IPsec sits in front of the
FW and blocks.

Other than IPsec with an IPsec policy or something else like a 3rd
personal FW solution running on the machine that's doing the blocking,
then nothing else on Vista other than Vista's FW is going to be blocking.

Reply With Quote
  #3 (permalink)  
Old 11-12-2009
Petr Pisar
 

Posts: n/a
Re: Return ICMP port unreachable on nonlistening socket
On 2009-11-12, Mr. Arnold <Arnold@Arnold.com> wrote:
> Petr Pisar wrote:
>>
>> common TCP/IP implemetations return ICMP port unreachable error packet
>> when somobody send packet to port where no server is listening. This was
>> true even in Windows XP.
>>
>> However Windows Vista Business SP2 behaves differently. It drops the
>> packet silently

[...]
>
> Maybe, IPsec is enabled on the machine with a policy to block ICMP. A
> drop message by the FW wouldn't be logged, as IPsec sits in front of the
> FW and blocks.
>
> Other than IPsec with an IPsec policy or something else like a 3rd
> personal FW solution running on the machine that's doing the blocking,
> then nothing else on Vista other than Vista's FW is going to be blocking.
>

I have installed the machine and I'm the only administrator of the
system. No third party packet filters nor IPsec policies are installed
or active. FYI, ICMP echo request and replies flow normally.

I found the same complaint on web
(http://www.vistax64.com/vista-securi...-requests.html), but without solution.

Can anybody at least confirm that it's a bug/feature of Windows Vista?
(I don't have any other system to compare it.)

-- Petr
Reply With Quote
  #4 (permalink)  
Old 11-27-2009
OgL
 

Posts: n/a
Re: Return ICMP port unreachable on nonlistening socket
> Can anybody at least confirm that it's a bug/feature of Windows Vista?
> (I don't have any other system to compare it.)


It is a "feature":
http://technet.microsoft.com/en-us/l...57(WS.10).aspx

And I still have not found any way to disable it.

Ondrej
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
VISTA Can't See Printer 'Host Unreachable' bitsailor microsoft.public.windows.vista.networking sharing 7 05-24-2009 19:34
Protocole: POP3, Port: 110, Security (SSL): No, Socket error: 10060, Error number: 0x800CCC0E honchu.geo microsoft.public.windows.vista.mail 3 05-14-2009 01:05
Website unreachable tcharp Windows Vista Ultimate 0 11-11-2008 21:47
China Practically Unreachable By Western SMS? Steve General Technology News 0 09-02-2008 18:10
Memory configurations in socket?2x256 socket 1/3 and 2x512 socket GT microsoft.public.windows.vista hardware devices 1 11-25-2007 07:18




All times are GMT +1. The time now is 02:09.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120