elitefmradio
20th April 2004, 06:49
Hi, This is my first post however, I have been using Shoutcast for a few months now....
I've been running my station for about a week now at 24/7 with no flaws -- Until 4/18 -- I started receiving ICMP pings from a user who I banned, but he/she obtained another IP address so I am blocking all possible IPs from this particular service until I can figure out what is going on.
I banned this user because he/she was taking up 2 of my 5 open spaces and would listen for 62 seconds, disconnect, then reconnect for 62 seconds, and then the cycle would continue.. His/her other connection remained in tack, but would then occupy another space for the above mentioned time frames.
This is what I got from my ZONE ALARM LOG:
ACCESS,2004/04/19,14:55:54 -4:00 GMT,Your computer was prevented from sending an ICMP Echo Request ('Ping') message to a restricted site (155.53.63.81.cust.bluewin.ch).,N/A,N/A
FWIN,2004/04/18,18:22:40 -4:00 GMT,81.62.157.203:10503,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:23:02 -4:00 GMT,81.62.157.203:10504,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:23:24 -4:00 GMT,81.62.157.203:10505,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:23:46 -4:00 GMT,81.62.157.203:10506,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:24:08 -4:00 GMT,81.62.157.203:10507,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:24:30 -4:00 GMT,81.62.157.203:10508,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:24:52 -4:00 GMT,81.62.157.203:10509,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:25:14 -4:00 GMT,81.62.157.203:10510,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:25:36 -4:00 GMT,81.62.157.203:10511,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:25:58 -4:00 GMT,81.62.157.203:10512,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:26:18 -4:00 GMT,81.62.157.203:10513,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:26:40 -4:00 GMT,81.62.157.203:10514,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:27:04 -4:00 GMT,81.62.157.203:10515,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:27:26 -4:00 GMT,81.62.157.203:10516,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:27:46 -4:00 GMT,81.62.157.203:10517,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:28:08 -4:00 GMT,81.62.157.203:10518,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:28:30 -4:00 GMT,81.62.157.203:10519,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:28:52 -4:00 GMT,81.62.157.203:10520,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:29:14 -4:00 GMT,81.62.157.203:10521,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:29:36 -4:00 GMT,81.62.157.203:10522,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:29:58 -4:00 GMT,81.62.157.203:10523,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:30:20 -4:00 GMT,81.62.157.203:10524,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:30:42 -4:00 GMT,81.62.157.203:10525,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:31:04 -4:00 GMT,81.62.157.203:10526,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:31:26 -4:00 GMT,81.62.157.203:10527,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:31:48 -4:00 GMT,81.62.157.203:10528,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:32:10 -4:00 GMT,81.62.157.203:10529,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:32:32 -4:00 GMT,81.62.157.203:10530,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:32:54 -4:00 GMT,81.62.157.203:10531,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:33:16 -4:00 GMT,81.62.157.203:10532,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:33:38 -4:00 GMT,81.62.157.203:10533,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:34:00 -4:00 GMT,81.62.157.203:10534,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:34:22 -4:00 GMT,81.62.157.203:10535,192.168.1.100:8000,TCP (flags:S)
I had no idea that ZONE ALARM did NOT block ICMP requests.. I couldn't even pull up web pages because I was so lagged.. I have been reading the forums and since uninstalled zone alarm -- I now have SYGATE!!
I have blocked ALL ICMP requests.. Is that a good idea or should I configure it another way?
I am a small statiion with 5 listeners max, I don't know why someone would want to do this -- Of course, I would like to expand so I can serve more after I learn how to obtain a hosting service that will let me...
Thanks for any input you might have..
Jon
I've been running my station for about a week now at 24/7 with no flaws -- Until 4/18 -- I started receiving ICMP pings from a user who I banned, but he/she obtained another IP address so I am blocking all possible IPs from this particular service until I can figure out what is going on.
I banned this user because he/she was taking up 2 of my 5 open spaces and would listen for 62 seconds, disconnect, then reconnect for 62 seconds, and then the cycle would continue.. His/her other connection remained in tack, but would then occupy another space for the above mentioned time frames.
This is what I got from my ZONE ALARM LOG:
ACCESS,2004/04/19,14:55:54 -4:00 GMT,Your computer was prevented from sending an ICMP Echo Request ('Ping') message to a restricted site (155.53.63.81.cust.bluewin.ch).,N/A,N/A
FWIN,2004/04/18,18:22:40 -4:00 GMT,81.62.157.203:10503,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:23:02 -4:00 GMT,81.62.157.203:10504,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:23:24 -4:00 GMT,81.62.157.203:10505,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:23:46 -4:00 GMT,81.62.157.203:10506,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:24:08 -4:00 GMT,81.62.157.203:10507,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:24:30 -4:00 GMT,81.62.157.203:10508,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:24:52 -4:00 GMT,81.62.157.203:10509,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:25:14 -4:00 GMT,81.62.157.203:10510,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:25:36 -4:00 GMT,81.62.157.203:10511,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:25:58 -4:00 GMT,81.62.157.203:10512,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:26:18 -4:00 GMT,81.62.157.203:10513,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:26:40 -4:00 GMT,81.62.157.203:10514,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:27:04 -4:00 GMT,81.62.157.203:10515,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:27:26 -4:00 GMT,81.62.157.203:10516,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:27:46 -4:00 GMT,81.62.157.203:10517,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:28:08 -4:00 GMT,81.62.157.203:10518,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:28:30 -4:00 GMT,81.62.157.203:10519,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:28:52 -4:00 GMT,81.62.157.203:10520,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:29:14 -4:00 GMT,81.62.157.203:10521,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:29:36 -4:00 GMT,81.62.157.203:10522,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:29:58 -4:00 GMT,81.62.157.203:10523,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:30:20 -4:00 GMT,81.62.157.203:10524,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:30:42 -4:00 GMT,81.62.157.203:10525,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:31:04 -4:00 GMT,81.62.157.203:10526,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:31:26 -4:00 GMT,81.62.157.203:10527,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:31:48 -4:00 GMT,81.62.157.203:10528,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:32:10 -4:00 GMT,81.62.157.203:10529,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:32:32 -4:00 GMT,81.62.157.203:10530,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:32:54 -4:00 GMT,81.62.157.203:10531,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:33:16 -4:00 GMT,81.62.157.203:10532,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:33:38 -4:00 GMT,81.62.157.203:10533,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:34:00 -4:00 GMT,81.62.157.203:10534,192.168.1.100:8000,TCP (flags:S)
FWIN,2004/04/18,18:34:22 -4:00 GMT,81.62.157.203:10535,192.168.1.100:8000,TCP (flags:S)
I had no idea that ZONE ALARM did NOT block ICMP requests.. I couldn't even pull up web pages because I was so lagged.. I have been reading the forums and since uninstalled zone alarm -- I now have SYGATE!!
I have blocked ALL ICMP requests.. Is that a good idea or should I configure it another way?
I am a small statiion with 5 listeners max, I don't know why someone would want to do this -- Of course, I would like to expand so I can serve more after I learn how to obtain a hosting service that will let me...
Thanks for any input you might have..
Jon