Hello,

somebody have do PING Warpper with icmp.dll from Windows??????????

best regards
Ricardo Cescon
Software Developer
transact Elektronische Zahlungssysteme GmbH

Ricardo,

> somebody have do PING Warpper with icmp.dll from Windows??????????

Yup, I have, I'll see if I can dig it up.
If I remember well, it needs BAP.
BTW, is there anyone having heard something from Gernot ?

Regards,
Frans Vermeulen

Ricardo,

As usual, I had to extract it from the environment.
Garanteed working untill the door 

You should be able to make something usable from it,
remember, you need bap from acsn.

Regards,
Frans Vermeulen

Thanks Frans!

regards
Ricardo

Hello Frans,

it not work, I get every time returncode 0 from IcmpSendEcho!!!!!!!

Ricardo

Ricardo,

> it not work, I get every time returncode 0 from IcmpSendEcho!!!!!!!

Could you do something like this:

nError=DllCall("Kernel32.Dll",DLL_STDCALL, "GetLastError")

immediately after the ICmpSendEcho ? You will get the windows error number,
which might give some more information.

Also: you might already have seen this page, but this is the
M$ documentation of the ICmpSendEcho:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iphlp/iphlp/icmpsendecho.asp

HTH,
Frans Vermeulen

Hi,

Statuscode from echo reply is 11001 
GetLastError is 0

regards
Ricardo

>>> Frans Vermeulen<FransV@VisSpec.nl> 26.02.2004 16:11:38 >>>
Ricardo,

> it not work, I get every time returncode 0 from IcmpSendEcho!!!!!!!

Could you do something like this:

nError=DllCall("Kernel32.Dll",DLL_STDCALL, "GetLastError")

immediately after the ICmpSendEcho ? You will get the windows error number,
which might give some more information.

Also: you might already have seen this page, but this is the
M$ documentation of the ICmpSendEcho:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iphlp/iphlp/icmpsendecho.asp 

HTH,
Frans Vermeulen

Ricardo,

> Statuscode from echo reply is 11001

Hmm, this code means:
"The Domain Name Server was contacted, but no IP address was listed for the
requested server name."
really strange.

> GetLastError is 0
Even more strange, this means: "no error" ?

I think cIpAdres has a value of "0.0.0.0" ?

could you try and put a real ip-adres in it like:
"217.160.95.134"

Regards,
Frans Vermeulen

Hi have done it without Hostname (with real IP), but the same error!!!!
As MSDN this errorcode means "buffer too small"

Ricardo

>>> Frans Vermeulen<FransV@VisSpec.nl> 26.02.2004 16:33:49 >>>
Ricardo,

> Statuscode from echo reply is 11001

Hmm, this code means:
"The Domain Name Server was contacted, but no IP address was listed for the
requested server name."
really strange.

> GetLastError is 0
Even more strange, this means: "no error" ?

I think cIpAdres has a value of "0.0.0.0" ?

could you try and put a real ip-adres in it like:
"217.160.95.134"

Regards,
Frans Vermeulen

Ricardo,

> Hi have done it without Hostname (with real IP), but the same error!!!!
> As MSDN this errorcode means "buffer too small"

You are right, though it does work.
it's just that darn errorcode 

try making a Procedure main

Procedure main()
  ? Iif(ping("www.alaska-software.com"), "Ping", "no ping")
  TraceRoute("www.alaska-software.com")
  Inkey(0)
Return

then: replace all the E_Alerts with ?
and uncomment the lines they appear in
See what happens.

to be honest, I haven't got a clue why
probably it's related to the value of nChrPerPacket ?

HTH,
Frans Vermeulen

PS. Now I'm beginning to have a clue why black-ice always blocked the last
packet...

"Frans Vermeulen" schrieb:

> Ricardo,
> 
> > Hi have done it without Hostname (with real IP), but the same
> > error!!!! As MSDN this errorcode means "buffer too small"
> 
> You are right, though it does work.
> it's just that darn errorcode 
> 
> try making a Procedure main
> 
> Procedure main()
I will try it and let you know the result, but what is black-ice ??????

regards 
Ricardo

> ? Iif(ping("www.alaska-software.com"), "Ping", "no ping")
> TraceRoute("www.alaska-software.com")
> Inkey(0)
> Return
> 
> then: replace all the E_Alerts with ?
> and uncomment the lines they appear in
> See what happens.
> 
> to be honest, I haven't got a clue why
> probably it's related to the value of nChrPerPacket ?
> 
> HTH,
> Frans Vermeulen
> 
> PS. Now I'm beginning to have a clue why black-ice always blocked
> the last packet...

best regards
Ricardo Cescon
Software Developer
transact Elektronische Zahlungssysteme GmbH

Ricardo Cescon wrote:

> I will try it and let you know the result, but what is black-ice ??????

http://blackice.iss.net/

regards
Thomas Braun

> I will try it and let you know the result, but what is black-ice ??????

Black-ice is a personal firewall, which, to be honest, I never liked.
The thing warns about all and anything, which makes me suspicious
of the fact it would warn when it needs to.

Anyway, it always gave the warning:
Echo replay without request

which might be an indication of a DOS attack, but not here, anyway that
is what black-ice is like 

Regards,
Frans Vermeulen

I have found the error!!!!!!!!!!!!!!!!!!!!

PadR(Chr(nTTL),135,Chr(0))

NOT

PadR(Chr(nTTL),112,Chr(0))



Ricardo

>>> Frans Vermeulen<FransV@VisSpec.nl> 27.02.2004 09:16:56 >>>
> I will try it and let you know the result, but what is black-ice ??????

Black-ice is a personal firewall, which, to be honest, I never liked.
The thing warns about all and anything, which makes me suspicious
of the fact it would warn when it needs to.

Anyway, it always gave the warning:
Echo replay without request

which might be an indication of a DOS attack, but not here, anyway that
is what black-ice is like 

Regards,
Frans Vermeulen

Frans Vermeulen wrote:

> Black-ice is a personal firewall, which, to be honest, I never liked.
> The thing warns about all and anything, which makes me suspicious
> of the fact it would warn when it needs to.

PF are useless anyway.

They can't do anything what the IP stack of the underlying OS can't do
anyway.

PFs give you a false feeling of security that can lead to the opposite
effect of making you more insecure. They even can introduce new security
leaks or can be used to attack you (via DOS).

Anyway, the only 100% solution to internet security can be found here:

http://www.knipex.de/addons/katalog/seite/en/greif/greif03.htm


regards
Thomas Braun

web: www.software-braun.de / email: nospam@wegasoft.de
If you need to send email, substitute "nospam" with my initials
since the spam account is not checked on a regular basis.
Xbase++ FAQ : http://faq.xbasecentral.net

Thomas,

> PF are useless anyway.
>
> They can't do anything what the IP stack of the underlying OS can't do
> anyway.

That's a bit like: writing programs is useless, because programs can't do
what
a computer can't do anyway. Very true, but a rather useless conclusion.

Iaf. firewalls and pf's are advertised as miracle things, which are able to
protect you
against viruses, intrusions, advertisers, malware and whatever. In most of
these cases
firewalls are useless, and are a major cause of  odd system behaviour.

As a part of a total security solution, firewalls (either personal or
separate) are
not to be left out.

> Anyway, the only 100% solution to internet security can be found here:
>
> http://www.knipex.de/addons/katalog/seite/en/greif/greif03.htm

ROFL .AND. .T.

Regards,
Frans Vermeulen

Frans Vermeulen wrote:

> That's a bit like: writing programs is useless, because programs can't do
> what a computer can't do anyway.

Nope.

What I wanted to say is that it is useless to add complexity to a system
when there is no need for it.

You can run a W2K system without any PF if you configure it properly.
Windows already has the neccesary tools to do this.

> As a part of a total security solution, firewalls (either personal or
> separate) are not to be left out.

IMO a firewall is not a piece of software or hardware, but rather an
abstract conception of what is allowed or disallowed in an IT environment.

You can use software like packet filters, IDS, proxies and even virus
scanners to make this concept working.

But what those marketing people at companies like Symantec or ZoneLabs are
telling their customers has nothing to do with the above.

They tell you that installing a software without knowing anything about the
internals of computers or networks can make you safer, but the opposite is
true (look up "false feeling of security" in your dictionary )

I know from following both german and international security newsgroups,
that my point of view is not shared by many (but by much more in german
than in international newsgroups).

regards
Thomas Braun

web: www.software-braun.de / email: nospam@wegasoft.de
If you need to send email, substitute "nospam" with my initials
since the spam account is not checked on a regular basis.
Xbase++ FAQ : http://faq.xbasecentral.net

Thomas,

> You can run a W2K system without any PF if you configure it properly.
dream on...

> IMO a firewall is not a piece of software or hardware, but rather an
> abstract conception of what is allowed or disallowed in an IT environment.

This is what that guys from de.comp.security.firewalls say, but you must
not believe everything they say on the internet 
("concept" is in this case a synonym for "thing", meaning something, someone
- in this case the people from de.comp.security.firewall - is not able to
give
more specific information about)

> I know from following both german and international security newsgroups,

I've had some good laughs with Lutz Donnerhacke cs. If you read both,
use Donnerhacke cs. to have fun, and if you really want to learn something
about
firewalling, read the international firewalling groups. Or even better,
follow
dedicated groups to one of the various linux firewalls, there are a lot of
dutch fora at
www.minddigger.com , I bet there are German fora of equal quality and
knowledge.
Go there and see for example what security problems people have with W2K.

These problems are generally not due to bad configuring, or a defective
IP-Stack,
but due to core technologies of W2K, some of them could easily be solved
with a PF, and yes a PF is usually not the best solution. At this moment
I'm
behind a cisco PIX, and you would not believe what happened to me this week
( ( && [ashamed] ). I guess they don't have malware in Germany.

Regards,
Frans Vermeulen

PS have a try at this one: https://grc.com/x/ne.dll?bh0bkyd2

Frans Vermeulen wrote:

>> You can run a W2K system without any PF if you configure it properly.
> dream on...

I don't dream, I'm doing this... 

> This is what that guys from de.comp.security.firewalls say, but you must
> not believe everything they say on the internet 

I do not believe anything, but I read the arguments and most of them seem
to be logical and valid.

> ("concept" is in this case a synonym for "thing", meaning something, someone
> - in this case the people from de.comp.security.firewall - is not able to
> give more specific information about)

Well, dcsf is not
"free-consulting-for-something-you-have-to-pay-for-anywhere-else", so the
old sentence is still true "you get what you pay for" 

> I've had some good laughs with Lutz Donnerhacke

Hehe, Lutz is quite a funny guy (and doesn't get too religious too often)

> use Donnerhacke cs. to have fun, and if you really want to learn something
> about firewalling, read the international firewalling groups.

No...

Building Internet Firewalls
Elizabeth D. Zwicky, Simon Cooper, D. B. Chapman
O'Reilly & Associates
ISBN: 1565928717

but only after having read this one 

Computer Networks
Andrew S. Tanenbaum
ISBN: 0130384887

> Go there and see for example what security problems people have with W2K.

We all get what we deserve, don't we? 

> These problems are generally not due to bad configuring

Which is the "out-of-the-box" state of W2K...

> but due to core technologies of W2K, some of them could easily be solved
> with a PF

??? Which and how?

> and yes a PF is usually not the best solution.

Amen to this.

> At this moment I'm
> behind a cisco PIX, and you would not believe what happened to me this week
> ( ( && [ashamed] ).

Come on, tell it loud and clear.... 

> I guess they don't have malware in Germany.

No, we don't, we have laws against it 


> PS have a try at this one: https://grc.com/x/ne.dll?bh0bkyd2

I'd like to counter this with

http://www.grcsucks.com/

BTW, I'd like to move this to the soapbox...

regards
Thomas Braun

web: www.software-braun.de / email: nospam@wegasoft.de
If you need to send email, substitute "nospam" with my initials
since the spam account is not checked on a regular basis.
Xbase++ FAQ : http://faq.xbasecentral.net

Thomas,

> Anyway, the only 100% solution to internet security can be found here:
> 
> http://www.knipex.de/addons/katalog/seite/en/greif/greif03.htm

ROF,L.

Luckily I discovered a small spring-clip on the connector for the cable,
and when depressed allows the connector to be removed from its receptacle.
This negated the need for wire cutters, and allows the cable to be re-used
for other purposes (clothes-line etc.).

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

An honest politician is one who stays bought.

Phil Ide wrote:

> Luckily I discovered a small spring-clip on the connector for the cable,
> and when depressed allows the connector to be removed from its receptacle.

Wow, that's what I call a "cool and smart solution" 

> This negated the need for wire cutters, and allows the cable to be re-used
> for other purposes (clothes-line etc.).

You know that you have to use a special type network cable for outside use,
don't you? 

regards
Thomas Braun

Thomas,

>> This negated the need for wire cutters, and allows the cable to be re-used
>> for other purposes (clothes-line etc.).
> 
> You know that you have to use a special type network cable for outside use,
> don't you? 

Yes.  We have a cable which is connected at one end to the network switch.
The other end hangs out the window and dangles into bucket.  This is our
'bit-bucket', where we collect all the lost network packets and bits that
get shifted off the end of a register.

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

Excuse me, I have to recharge my flamethrower.

Phil Ide wrote:

> 'bit-bucket', where we collect all the lost network packets and bits that
> get shifted off the end of a register.

...and I always wondered where all those shifted bits are going to...
thanks for sharing your valuable knowledge with lower beings like me 

regards
Thomas Braun

Thomas,

>> 'bit-bucket', where we collect all the lost network packets and bits that
>> get shifted off the end of a register.
> 
> ...and I always wondered where all those shifted bits are going to...
> thanks for sharing your valuable knowledge with lower beings like me 

We collect all these 'bits' and sell tham back to Intel.  They reprocess
tham and send them back to us via the internet, so our computers don't run
out of bits.

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

I'm responsible for the MOTHER of all screw-ups!

After trace route, see attachment!!!!!!!

Ricardo

>>> Frans Vermeulen<fvermeulen@wanadoo.nl> 26.02.2004 21:12:36 >>>
Ricardo,

> Hi have done it without Hostname (with real IP), but the same error!!!!
> As MSDN this errorcode means "buffer too small"

You are right, though it does work.
it's just that darn errorcode 

try making a Procedure main

Procedure main()
  ? Iif(ping("www.alaska-software.com"), "Ping", "no ping")
  TraceRoute("www.alaska-software.com")
  Inkey(0)
Return

then: replace all the E_Alerts with ?
and uncomment the lines they appear in
See what happens.

to be honest, I haven't got a clue why
probably it's related to the value of nChrPerPacket ?

HTH,
Frans Vermeulen

PS. Now I'm beginning to have a clue why black-ice always blocked the last
packet...