Help with a tracert rule

Discussion in 'ESET Smart Security' started by chillin, Sep 16, 2011.

Thread Status:
Not open for further replies.
  1. chillin

    chillin Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    5
    I am using Smart Security 4.2.64.12 - but need to DISABLE the firewall to see the results of a tracert. Not Quite true - the trace to the actual destination gets reported but all of the traces that hit the TTL do not show up.

    Code:
    C:\Windows\system32>tracert -d -w 100 -h 15 google.com
    
    Tracing route to google.com [74.125.226.114]
    over a maximum of 15 hops:
    
      1     *        *        *     Request timed out.
      2     *        *        *     Request timed out.
      3     *        *        *     Request timed out.
      4     *        *        *     Request timed out.
      5     *        *        *     Request timed out.
      6     *        *        *     Request timed out.
      7     *        *        *     Request timed out.
      8     *        *        *     Request timed out.
      9     *        *        *     Request timed out.
     10     *        *        *     Request timed out.
     11    14 ms    15 ms    13 ms  74.125.226.114
    
    Trace complete.
    

    With firewall disabled:

    Code:
    C:\Windows\system32>tracert -d -w 100 -h 15 google.com
    
    Tracing route to google.com [74.125.226.148]
    over a maximum of 15 hops:
    
      1     1 ms    <1 ms    <1 ms  192.168.1.1
      2     3 ms     2 ms     2 ms  10.9.44.119
      3     4 ms     5 ms     3 ms  130.81.133.166
      4     4 ms     5 ms     3 ms  130.81.29.252
      5     5 ms     6 ms     5 ms  152.63.16.137
      6    35 ms    14 ms    15 ms  152.63.0.166
      7    15 ms    16 ms    15 ms  152.63.21.121
      8    17 ms    17 ms    17 ms  152.179.72.62
      9    14 ms    14 ms    14 ms  216.239.43.114
     10    13 ms    14 ms     *     216.239.48.44
     11    14 ms    14 ms    13 ms  74.125.226.148
    
    Trace complete.
    
    C:\Windows\system32>
    Ping to a host works (Ie it is the same as the last hop in a tracert).

    It is like the fire wall is seeing the TTL error reply and filtering that out.

    Any help will be appreciated.

    Bob
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    Try disabling Personal firewall -> IDS and advanced options -> ICMP protocol message checking.
     
  3. chillin

    chillin Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    5
    That's the ticket - Thank you very much!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.