Return ICMP port unreachable on nonlistening socket


Petr Pisar

Hello,

common TCP/IP implementations return an ICMP port unreachable error packet
when somebody sends a packet to a port where no server is listening. This was
true even in Windows XP.

However, Windows Vista Business SP2 behaves differently. It drops the
packet silently even if the given port is allowed for incoming communication
in Advanced firewall settings. (And yes, I'm pretty sure it's really
allowed because there is no message about dropping in the pfirewall log.)

I guess this is yet another Windows feature trying to be smarter and more
secure than the user.

Does anybody know how to get classic behaviour back?

-- Petr
 
Petr said:
common TCP/IP implementations return an ICMP port unreachable error packet
when somebody sends a packet to a port where no server is listening. This was
true even in Windows XP.

However, Windows Vista Business SP2 behaves differently. It drops the
packet silently
[...]

Maybe IPsec is enabled on the machine with a policy to block ICMP. A
drop message by the FW wouldn't be logged, as IPsec sits in front of the
FW and blocks.

Other than IPsec with an IPsec policy or something else like a 3rd
personal FW solution running on the machine that's doing the blocking,
then nothing else on Vista other than Vista's FW is going to be blocking.

I have installed the machine and I'm the only administrator of the
system. No third party packet filters nor IPsec policies are installed
or active. FYI, ICMP echo request and replies flow normally.

I found the same complaint on the web
(http://www.vistax64.com/vista-security/150480-rejecting-ident-port-113-requests.html), but without a solution.

Can anybody at least confirm that it's a bug/feature of Windows Vista?
(I don't have any other system to compare it with.)

-- Petr
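
Added example, not part of the thread: a small Python check an administrator can run against a host they manage to see whether a port with no listener is actively rejected or silently dropped, the distinction discussed above. The function names and the loopback target in the demo are assumptions; port 113 is the ident port from the linked complaint.

```python
import socket

def probe_udp(host, port, timeout=2.0):
    """Send one UDP datagram and classify how the host answers."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on a UDP socket sends nothing; it pins the peer so the
        # kernel reports an ICMP error for this flow on the next send/recv.
        s.connect((host, port))
        try:
            s.send(b"probe")
            s.recv(2048)
            return "reply"
        except (ConnectionRefusedError, ConnectionResetError):
            # ECONNREFUSED on Linux/BSD, WSAECONNRESET on Windows:
            # an ICMP port unreachable came back for this datagram.
            return "port-unreachable"
        except socket.timeout:
            # No answer at all: the packet was dropped silently, or a
            # listener exists that does not reply to this payload.
            return "silent"

def probe_tcp(host, port, timeout=2.0):
    """Attempt one TCP connect and classify the result."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            # The host actively rejected the connection (normally a TCP RST).
            return "refused"
        except socket.timeout:
            # The SYN was dropped without any answer.
            return "silent"

if __name__ == "__main__":
    # Constructed target: loopback, ident port 113. Replace with a host
    # you administer to compare systems.
    host, port = "127.0.0.1", 113
    print("udp", port, probe_udp(host, port))
    print("tcp", port, probe_tcp(host, port))
```

A "silent" result while the firewall log shows no drop is the behaviour reported for Vista in this thread; "port-unreachable" or "refused" is the classic behaviour.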
 