On 11/18/2017 03:47 PM, Rich Shepard wrote:
With the mail/phone issues I've had recently I want to check that I'm
doing things correctly. Two instances of not reaching web pages.
I can load (and ping) www.opendkim.org, but cannot load (or ping)
lists.opendkim.org. This means their mail list page is off-line. Yes?
No, not necessarily.
Yesterday and today I try to access www.verizonwireless.com but the page
won't load. Neither can I ping that server. This means that their web site
is down. Yes?
Again, not necessarily.
More and more IT / Security groups are going to dropping the ICMP (ping)
packets for "security" reasons, and this affects several tools that have
long been used by the layperson and professional alike.
When the firewall receives an ICMP packet, ping and traceroute both will
show failure and/or lack of "up: state. If the attacker knows the device
is there by DNS resolution or IP address, they have a known target, and
the dropping of packets (IMO) is just obscuring things a little bit.
Other tools that you can try are telnet to the port for the service in
question, nmap to check for all open ports (potential for looking like
an attacker), and netcat (nc) to test for specific, or scan for all
open, ports.
A deeper way to search if things are connecting at all is the use of
netstat, Wireshark, or tcpdump in some cases.
Network connectivity is going to likely become more problematic, and our
means of testing things will likely become more restricted as time
passes. Just my guess, but it's a trend I have been noticing.
dafr
_______________________________________________
PLUG mailing list
PLUG@pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug
