.com.unity Forums
  The Official e-Store of Shrapnel Games

This Month's Specials

Raging Tiger- Save $9.00
The Star and the Crescent- Save $9.00

   







Go Back   .com.unity Forums > Shrapnel Community > Space Empires: IV & V

Reply
 
Thread Tools Display Modes
  #1  
Old September 14th, 2004, 10:38 PM

Baron Grazic Baron Grazic is offline
Captain
 
Join Date: Oct 2001
Location: Australia
Posts: 809
Thanks: 0
Thanked 0 Times in 0 Posts
Baron Grazic is on a distinguished road
Default Re: OT - IGMP Protocol query

This is a new Test XP machine, that I built to test a new Internal Firewall on our Domain. This Fireall is blocking the IGMP packets and brought it to my attention.
At least a couple of times a day, the XP machine sends packets to the address of 224.0.0.22, which routes to igmp.mcast.net
We are not using any Multicasting software, and this XP box is pure Windows XP, no other software except for the Virus/Firewall client that I am testing.
Suggestions?
Reply With Quote
  #2  
Old September 14th, 2004, 10:47 PM
Instar's Avatar

Instar Instar is offline
Major
 
Join Date: Aug 2000
Posts: 1,246
Thanks: 0
Thanked 0 Times in 0 Posts
Instar is on a distinguished road
Default Re: OT - IGMP Protocol query

http://www.webopedia.com/TERM/I/IGMP.html
Not exactly a wordy definition.
I can't find what mcast.net is. I haven't been able to ping it or anything. Whois comes up blank. I can't say what that is or what it is doing. What brand of A/V stuff are you using? Firewall?
__________________
When a cat is dropped, it always lands on its feet, and when toast is dropped, it always lands with the buttered side facing down. I propose to strap buttered toast to the back of a cat. The two will hover, spinning inches above the ground. With a giant buttered cat array, a high-speed monorail could easily link New York with Chicago.
Reply With Quote
  #3  
Old September 16th, 2004, 01:42 AM

Baron Grazic Baron Grazic is offline
Captain
 
Join Date: Oct 2001
Location: Australia
Posts: 809
Thanks: 0
Thanked 0 Times in 0 Posts
Baron Grazic is on a distinguished road
Default Re: OT - IGMP Protocol query

Thanks Instar.
I am testing TrendMicro OfficeScan Anti-Virus software and Firewall.
There is a couple of references to igmp.mcast.net but not why XP would be attempting to connect to it, once a day.
Reply With Quote
  #4  
Old September 16th, 2004, 01:52 AM
Instar's Avatar

Instar Instar is offline
Major
 
Join Date: Aug 2000
Posts: 1,246
Thanks: 0
Thanked 0 Times in 0 Posts
Instar is on a distinguished road
Default Re: OT - IGMP Protocol query

I used to use Trend Micro. It was good enough.
Anyhow, its a weird thing, trying to contact a non-existant site (unless its an evil government plot! The ILLUMINATTI are coming!)
Its a multicast IP protocol... hmm
No harm in continuing blocking it. I know IE has a toolbar thing that Adaware considers spyware. Get Adaware on disk and see what happens when you run it.
__________________
When a cat is dropped, it always lands on its feet, and when toast is dropped, it always lands with the buttered side facing down. I propose to strap buttered toast to the back of a cat. The two will hover, spinning inches above the ground. With a giant buttered cat array, a high-speed monorail could easily link New York with Chicago.
Reply With Quote
  #5  
Old September 16th, 2004, 08:44 AM
Thermodyne's Avatar

Thermodyne Thermodyne is offline
Lieutenant Colonel
 
Join Date: Dec 2000
Location: DC Burbs USA
Posts: 1,460
Thanks: 0
Thanked 1 Time in 1 Post
Thermodyne is on a distinguished road
Default Re: OT - IGMP Protocol query

It’s an unassigned IGMP address. I would just block it at the firewall. It’s probably just a multicast from your system (host) looking for members.

Here’s a link to IGMP

http://www.freesoft.org/CIE/RFC/1112/18.htm


As a rule of thumb, you should build a list of what the firewall needs to pass and then lock everything else down. In practice, we lock it all down and then open as needed. Often, we apply filters to the PIX’s on a per machine basis. Allowing all internally originating traffic is no longer seen as acceptable.

PS: TM's antivirus has had some bigtime patch blowups in the past.
__________________





Think about it
Reply With Quote
  #6  
Old September 16th, 2004, 09:56 AM
Instar's Avatar

Instar Instar is offline
Major
 
Join Date: Aug 2000
Posts: 1,246
Thanks: 0
Thanked 0 Times in 0 Posts
Instar is on a distinguished road
Default Re: OT - IGMP Protocol query

"PS: TM's antivirus has had some bigtime patch blowups in the past. "
I didn't notice that when I used it, then again, I had a fast connection to download the patches with, and I had a huge HD anyhow.
__________________
When a cat is dropped, it always lands on its feet, and when toast is dropped, it always lands with the buttered side facing down. I propose to strap buttered toast to the back of a cat. The two will hover, spinning inches above the ground. With a giant buttered cat array, a high-speed monorail could easily link New York with Chicago.
Reply With Quote
  #7  
Old September 16th, 2004, 10:08 AM
Thermodyne's Avatar

Thermodyne Thermodyne is offline
Lieutenant Colonel
 
Join Date: Dec 2000
Location: DC Burbs USA
Posts: 1,460
Thanks: 0
Thanked 1 Time in 1 Post
Thermodyne is on a distinguished road
Default Re: OT - IGMP Protocol query

I had it on a small net with about 15 clients, two times in a 1 year period it blew up during update installs. Once it needed to be reinstalled and once it forced me to reload the systems. (thank god for ghost) Both times it was a known issue that they pushed the update out with. After that, I only support Norton in the contracts. If they want to skimp on AV, then it's T&M if it goes down.
__________________





Think about it
Reply With Quote
  #8  
Old September 17th, 2004, 07:34 AM
minipol's Avatar

minipol minipol is offline
Second Lieutenant
 
Join Date: Jul 2002
Location: Belgium
Posts: 558
Thanks: 0
Thanked 0 Times in 0 Posts
minipol is on a distinguished road
Default Re: OT - IGMP Protocol query

Quote:
As a rule of thumb, you should build a list of what the firewall needs to pass and then lock everything else down. In practice, we lock it all down and then open as needed.
That's the only correct way to do it IMHO. Lock it down, watch the logs and look what bounced, then open if you know what service is responsible for the hit.
__________________
A Se++ GdY $++ Fr+ C++++ Csc Sf++ Ai** AuO M MpT MpSk MpFd S--- Ss- RV Pw Fq Nd- Rp- G Mm++ Bb++ Tcp+ L++
Reply With Quote
Reply

Bookmarks


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump


All times are GMT -4. The time now is 08:55 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Copyright ©1999 - 2025, Shrapnel Games, Inc. - All Rights Reserved.