This article has two messages to deliver. The first is the technical piece, where I review what the ICMP message means and what we tried in order to resolve the issue. The second is to illustrate the methodology used. I wanted to make those statements because, in the past, some readers have tended to concentrate too much on the technical information and gloss over the methodology part of the article.
OK, let’s get to work. In this video, you’ll see that my computer was sending out SNMP packets and the local router was forwarding these packets to the internet. This is primarily due to the router’s default route to the ISP’s router. The ISP router responds with an ICMP host unreachable message. As a side note, the analyst working with me did not capture any ICMP error messages when he attempted to ping a 192.168.1.x address and couldn’t figure out why. Good thing I was there capturing, or he wouldn’t know what he was missing. This was due to his computer firewall/endpoint client software filtering out ICMP packets.
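An ICMP host unreachable message quotes the IP header and first 8 bytes of the datagram that triggered it, so a capture taken where ICMP is not filtered can show which flow was forwarded out the default route. The following is an added example, not part of the original article or video; the packet bytes, addresses and source port are constructed for illustration.

```python
import socket
import struct

ICMP_DEST_UNREACH = 3
CODES = {0: "net unreachable", 1: "host unreachable", 3: "port unreachable"}
SNMP_PORTS = (161, 162)  # SNMP agent and trap ports

def decode_unreachable(icmp: bytes) -> dict:
    """Decode an ICMP destination-unreachable message (RFC 792) and the
    quoted header of the datagram that caused it. Checksums are not verified."""
    if len(icmp) < 8 + 20 + 8:
        raise ValueError("too short to hold a quoted IP header plus 8 bytes")
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type != ICMP_DEST_UNREACH:
        raise ValueError(f"not destination unreachable (type {icmp_type})")
    quoted = icmp[8:]                    # bytes 4-7 of the ICMP header are unused
    ihl = (quoted[0] & 0x0F) * 4         # quoted IP header length in bytes
    if ihl < 20 or len(quoted) < ihl + 8:
        raise ValueError("quoted IP header is malformed or truncated")
    result = {
        "code": CODES.get(code, f"code {code}"),
        "proto": quoted[9],
        "src": socket.inet_ntoa(quoted[12:16]),
        "dst": socket.inet_ntoa(quoted[16:20]),
    }
    if result["proto"] == 17:            # UDP: the first 4 quoted bytes are the ports
        sport, dport = struct.unpack("!HH", quoted[ihl:ihl + 4])
        result.update(sport=sport, dport=dport, snmp=dport in SNMP_PORTS)
    return result

def build_sample() -> bytes:
    """Constructed sample: host unreachable quoting a UDP/161 datagram."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 60, 1, 0, 63, 17, 0,
                     socket.inet_aton("192.168.0.10"),   # constructed sender
                     socket.inet_aton("192.168.1.50"))   # constructed target
    udp = struct.pack("!HHHH", 50000, 161, 40, 0)
    return struct.pack("!BBHI", ICMP_DEST_UNREACH, 1, 0, 0) + ip + udp

if __name__ == "__main__":
    print(decode_unreachable(build_sample()))
```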