Help with a tracert rule

Discussion in 'ESET Smart Security' started by chillin, Sep 16, 2011.

Thread Status:
Not open for further replies.
  1. chillin

    chillin Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    5
    I am using Smart Security 4.2.64.12 - but need to DISABLE the firewall to see the results of a tracert. Not Quite true - the trace to the actual destination gets reported but all of the traces that hit the TTL do not show up.

    Code:
    C:\Windows\system32>tracert -d -w 100 -h 15 google.com
    
    Tracing route to google.com [74.125.226.114]
    over a maximum of 15 hops:
    
      1     *        *        *     Request timed out.
      2     *        *        *     Request timed out.
      3     *        *        *     Request timed out.
      4     *        *        *     Request timed out.
      5     *        *        *     Request timed out.
      6     *        *        *     Request timed out.
      7     *        *        *     Request timed out.
      8     *        *        *     Request timed out.
      9     *        *        *     Request timed out.
     10     *        *        *     Request timed out.
     11    14 ms    15 ms    13 ms  74.125.226.114
    
    Trace complete.
    

    With firewall disabled:

    Code:
    C:\Windows\system32>tracert -d -w 100 -h 15 google.com
    
    Tracing route to google.com [74.125.226.148]
    over a maximum of 15 hops:
    
      1     1 ms    <1 ms    <1 ms  192.168.1.1
      2     3 ms     2 ms     2 ms  10.9.44.119
      3     4 ms     5 ms     3 ms  130.81.133.166
      4     4 ms     5 ms     3 ms  130.81.29.252
      5     5 ms     6 ms     5 ms  152.63.16.137
      6    35 ms    14 ms    15 ms  152.63.0.166
      7    15 ms    16 ms    15 ms  152.63.21.121
      8    17 ms    17 ms    17 ms  152.179.72.62
      9    14 ms    14 ms    14 ms  216.239.43.114
     10    13 ms    14 ms     *     216.239.48.44
     11    14 ms    14 ms    13 ms  74.125.226.148
    
    Trace complete.
    
    C:\Windows\system32>
    Ping to a host works (Ie it is the same as the last hop in a tracert).

    It is like the fire wall is seeing the TTL error reply and filtering that out.

    Any help will be appreciated.

    Bob
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Try disabling Personal firewall -> IDS and advanced options -> ICMP protocol message checking.
     
  3. chillin

    chillin Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    5
    That's the ticket - Thank you very much!
     
Thread Status:
Not open for further replies.