Ok, what the heck does it mean when someone "pings" your firewall?

I've been getting LOTS of ping alerts on my Zonealarm the past 4 days and it's driving me nuts. Yesterday I had about 219 in a 4 hour period

The firewall has blocked Internet access to your computer (ICMP Echo Request ('Ping')) from 172.170.124.43

Anyone good at tracking down these IP numbers? I've had 11 alerts in the past 6 minutes. Here are the numbers:

172.162.47.29
211.163.117.132
61.243.45.11
172.167.196.54
68.155.2.172
172.164.188.118
172.158.9.170
172.170.124.43
12.169.122.244
172.167.250.141
172.166.8.226

Sue

I have noticed this sort of traffic from the games I play but it really could be anything. A ping is a tool you use to see if there is a host at the address you ping.

But it's only been for the past 4 days. Maybe once in a great while before that, but since Wednesday, it's just a constant steady stream from the time I sign on to the moment I sign off

Sue

... from one computer to another on a network, asking, in essence, "who are you and is this your correct IP address."

Sometimes, this can be a request from your provider's host, to see if you're still on-line, because, otherwise, if there's some other error, it would like to close the connection.

But, for the most part, it's a hostile computer looking to see, first, if there's a running computer at a particular IP address. If there is, and that computer returns a ping, then the port scanner gets turned on, looking for an available port which might gain them access to your computer.

ZoneAlarm, set up properly, will not answer pings. That's intended to make the remote computer keep trying to hit yours until it gives up--making your computer seem to be not there or turned off, and that way, to deter someone taking the time to scan for available ports.

It's a reasonably good first line of defense.

But, PING is just a standard network command to establish the existence of a computer at a particular net address. I get several hundred every few days.

To check on IP addresses yourself, just get yourself a copy of Sam Spade or Net Demon and have at. ;-)


Cheers.

about 6-8 per minute. It's very unusual. I figured it had to do with the viruses out there.

When I had Napster, we would ping each other all the time, to see how long a round trip took. If it was pretty short, that was a good person to download from.

Most of those are AOL pings, and would be normal. The Chinese spammer might not be, but could be just background traffic. There is a vast amount of background traffic out there, and only rarely is someone actually attacking your machine.

Turn the alerts off-- they are real PITA.

If you want to know who owns the IP's:

http://www.iks-jena.de/cgi-bin/whois

The page is in German, but it's obvious how it works, and the returns are in English.

If you want to know more, find out how to work traceroute, Sam Spade, and other tools.

(serious geek stuff there, though)