pinging from knoppix to xp



mshanmuga
12-05-2004, 01:21 AM
I am able to ping from my XP SP2 laptop to the other Knoppix PC and also to the router (RP614v2) which is in between.
I connect to Knoppix via PuTTY. I am trying to ping my XP from there. No response.
How do I troubleshoot this?
I assume there can be firewalls in XP, in router and also in Knoppix.
Thanks in advance for any help.

Harry Kuhman
12-05-2004, 02:17 AM
>>I am able to ping from my XP SP2 laptop to the other Knoppix PC and also to the router (RP614v2) which is in between.
>>I connect to Knoppix via PuTTY. I am trying to ping my XP from there. No response.

First confirm that Knoppix can ping your router (192.168.xxx.1).

>>I assume there can be firewalls in XP, in router and also in Knoppix.

Yup, this is the common problem, particularly if you installed SP2, enabled the firewall in XP prior to SP2, or installed a 3rd party firewall. So check its settings to enable the ping (and whatever other traffic you want to do) or disable it. I usually set up my firewalls to pass anything from "trusted" addresses. (In my case I set the range 192.168.0.0 to 192.168.255.255 as trusted. I do this because I like to test different routers that may be at 192.196.0.1, 192.168.1.1, 192.168.2.1 or elsewhere. This range is safe and will work for almost all users, but some people may prefer to set a smaller trusted range). Oh, and I never trust the Microsoft firewall. Use something better (like Kerio) rather than the MS disaster.

mshanmuga
12-05-2004, 05:07 AM
First of all, thanks for your quick response.

>>First confirm that Knoppix can ping your router (192.168.xxx.1)

Yes, I am able to ping 192.168.0.1.

>>Yup, this is the common problem, particularly if you installed SP2, enabled the firewall in XP prior to SP2, or installed a 3rd party firewall. So check it's setting to enable the ping (and whatever other traffic you want to do) or disable it. I usually set up my firewalls to pass anything from "trusted" addresses. (In my case I set the range 192.168.0.0 to 192.168.255.255 as trusted. I do this because I like to test different routers that may be at 192.196.0.1, 192.168.1.1, 192.168.2.1 or elsewhere. This range is safe and will work for almost all users, but some people may prefer to set a smaller trusted range). Oh, and I never trust the Microsoft firewall. Use something better (like Kerio) rather than the MS disaster.

I went to <control panel>-><Security Center> and turned the <firewall> option off.
I checked the McAfee personal firewall. It is disabled.

I am trying to check the Netgear RP614v2 settings. I don't see anything unusual.

Harry Kuhman
12-05-2004, 05:40 AM
>>I went to <control panel>-><Security Center> and turned the <firewall> option off.
>>I checked the McAfee personal firewall. It is disabled.
>>
>>I am trying to check the Netgear RP614v2 settings. I don't see anything unusual.

No, I very much doubt that it is your Netgear router (my theory is still something in XP blocking it). Can you ping from XP to Knoppix? Have any more computers available? If so you might want to prove to yourself that you can ping between 2 Knoppix systems through the RP614v2. Or boot Knoppix on the Windows box also and ping all you want between 2 Knoppix boxes. That would pretty much narrow down your search.

pureone
12-08-2004, 12:41 AM
In my network I sometimes set up Knoppix on a computer set at 192.168.1.4. The router's IP is 192.168.1.1, and my computer uses XP Pro with Tiny Personal Firewall set to trust network ranges from 192.168.1.1-6.

When I first set up Knoppix I am sometimes unable to view my XP computer. Sometimes I might not even be able to see the router (at all). What I find seems to work is, from Knoppix, to type

ping 192.168.1.1 192.168.1.2

then try

ping 192.168.1.2

until it stops saying destination unreachable.

In my case I know Knoppix, the router and my XP firewall (tpf: http://members.rogers.com/zyklon/tpf.html) are all meant to receive and respond to pings. I do this until they are able to clearly see each other. At the same time I would try pinging the broadcast, though this can cause problems if abused (smurf attacks). I would also try pinging from XP to see if I can view Knoppix from there.

I would also try turning on the SMB server for broadcasting.

I suggest you read up on ICMP packets and their flags. It can help a lot.

Here is a nice tutorial on ICMP: http://www.spywire.net/tutorials/icmp.txt

mshanmuga
12-19-2004, 06:02 AM
>>No, I very much doubt that it is your Netgear router (my theory is still something in XP blocking it). Can you ping from XP to Knoppix? Have any more computers available? If so you might want to prove to yourself that you can ping between 2 Knoppix systems through the RP614v2. Or boot Knoppix on the windows box also and ping all you want between 2 Knoppix boxes. That would pretty much narrow down your search.

Thanks for the tip. I booted Knoppix on the Windows PC and was able to ping my other Linux box.
I concluded that the router cannot be the problem.

Then the task of locating the Windows firewall and disabling it took me some time.
I set Windows XP SP2 Security Center->Firewall->off. Still I couldn't ping the XP from Knoppix.

Once I had tried to install McAfee Personal Firewall Plus and then decided not to. I couldn't do a clean uninstall of it after that. Whenever I tried to uninstall from control panel->add/remove program->mcafee security center, it was waiting for the other McAfee services to be removed first. I couldn't understand what it says. I assumed it has problems in uninstalling.

So I went to the McAfee site and did the manual uninstall. Still the ping problem was persisting.

By chance I went to control panel->network connections->Lan or High speed Internet->Local Area connection->properties->General section. There I saw the LAN connection using "Net firewall Service".
Even though I did Windows XP SP2 Security Center->Firewall->off, still this option was on.
I disabled it and at last now I can see the ping to XP working.

I assume it is not a McAfee problem?

pureone
12-19-2004, 08:32 AM
Go to the SP2 firewall, turn it on and enable certain ICMP packets, ones like echo request. Allow incoming timestamp requests, allow incoming router requests, allow outgoing destination unreachable, allow outgoing time exceeded.

Now from Knoppix or XP turn on Ethereal and start sniffing packets. Then you need to start pinging from Knoppix or whichever one has the sniffer going. If you see destination unreachable then try pinging the router and see what you get. Normally you will see ARP data, which normally says "who has 192.168.1.1 tell 192.168.1.4". If you have both computers, XP and Knoppix, pinging each other at the same time, they are both saying "who has ip tell me" in broadcast, so the chances of them being able to talk are much higher.

Also try using nmap with various types of scans.

mshanmuga
12-23-2004, 01:09 AM
I turned <windows firewall> on and enabled all the ICMP options in it.
I downloaded Ethereal V0.10.8 for Windows XP and started it.
I selected <capture><start> menu option.

From a DOS Command prompt window I did a ping to Knoppix.

I saw the following listing in ethereal. I exported it in a file.
It is as follows with only the headers.
...
No. Time Source Destination Protocol Info
1 0.000000 192.168.0.3 192.168.0.2 ICMP Echo (ping) request
2 0.000223 192.168.0.2 192.168.0.3 ICMP Echo (ping) reply
3 1.000781 192.168.0.3 192.168.0.2 ICMP Echo (ping) request
4 1.000964 192.168.0.2 192.168.0.3 ICMP Echo (ping) reply
5 2.002220 192.168.0.3 192.168.0.2 ICMP Echo (ping) request
6 2.002404 192.168.0.2 192.168.0.3 ICMP Echo (ping) reply
7 3.003656 192.168.0.3 192.168.0.2 ICMP Echo (ping) request
8 3.003840 192.168.0.2 192.168.0.3 ICMP Echo (ping) reply

...
where 192.168.0.3 is XP, 192.168.0.2 is Knoppix and 192.168.0.1 is the router.
This is as expected.

Now with ethereal still running on XP, I tried to ping to XP
from a knoppix session.
This is what I got. I have done maskings in lines 2,3,4,5,93,94. I assume the ip addresses
are from ISP cable modem, though I haven't connected to the internet from XP.

No. Time Source Destination Protocol Info
1 0.000000 192.168.0.1 Broadcast ARP Who has 192.168.0.3? Tell 192.168.0.1
2 0.000019 192.168.0.3 192.168.0.1 ARP 192.168.0.3 is at xx:xx:xx:xx:xx:dd
3 0.000037 192.168.0.3 192.168.0.1 ARP 192.168.0.3 is at xx:xx:xx:xx:xx:dd
4 0.019658 xxx.xxx.74.75 192.168.0.3 IP Fragmented IP protocol (proto=TCP 0x06, off=8)
5 0.099745 xxx.xxx.128.222 192.168.0.3 IP Fragmented IP protocol (proto=TCP 0x06, off=8)
6 5.900866 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
7 5.901112 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=0 Ack=52 Win=7504 Len=0
8 5.901614 192.168.0.2 192.168.0.3 SSH Encrypted response packet len=52
9 5.901847 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
10 5.937711 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=52 Ack=104 Win=7504 Len=0
11 6.005261 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
12 6.005419 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=52 Ack=156 Win=7504 Len=0
13 6.005752 192.168.0.2 192.168.0.3 SSH Encrypted response packet len=52
14 6.005930 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
15 6.037727 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=104 Ack=208 Win=7504 Len=0
16 6.280391 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
17 6.280579 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=104 Ack=260 Win=7504 Len=0
18 6.281030 192.168.0.2 192.168.0.3 SSH Encrypted response packet len=52
19 6.281224 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
20 6.317752 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=156 Ack=312 Win=7504 Len=0
21 6.340379 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
22 6.340541 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=156 Ack=364 Win=7504 Len=0
23 6.340883 192.168.0.2 192.168.0.3 SSH Encrypted response packet len=52
24 6.341082 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
25 6.377774 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=208 Ack=416 Win=7504 Len=0
...
...
89 12.032181 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
90 12.035658 192.168.0.2 192.168.0.3 SSH Encrypted response packet len=100
91 12.035903 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
92 12.068493 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=984 Ack=1820 Win=7504 Len=0
93 22.574225 192.168.0.3 yyy.yy.88.118 TCP 1167 > http [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1383
94 25.547497 192.168.0.3 yyy.yy.88.118 TCP 1167 > http [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1383

nmap for Windows XP SP2 not OK.
Running nmap from Knoppix gets stuck with ping.
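
An added example, not part of the original post: a short Python script that reads an Ethereal summary export like the two listings above and reports whether echo requests from the pinging host appear in the capture and whether they are answered. The function names are hypothetical, and the sample rows are abridged from the post's listings.

```python
import re
from collections import Counter

# Columns of an Ethereal summary export: No. Time Source Destination Protocol Info
ROW = re.compile(r"^\s*(\d+)\s+(\d+\.\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(.*)$")

def parse_summary(text):
    """Return one dict per packet row; the header and '...' lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            no, t, src, dst, proto, info = m.groups()
            rows.append({"no": int(no), "time": float(t), "src": src,
                         "dst": dst, "proto": proto, "info": info.strip()})
    return rows

def echo_report(rows, pinger, target):
    """Pair each echo request pinger->target with a later reply target->pinger."""
    requests = answered = pending = 0
    for r in rows:
        if r["proto"] != "ICMP":
            continue  # SSH rows also contain the word "request"
        if "request" in r["info"] and (r["src"], r["dst"]) == (pinger, target):
            requests, pending = requests + 1, pending + 1
        elif "reply" in r["info"] and (r["src"], r["dst"]) == (target, pinger) and pending:
            pending -= 1
            answered += 1
    verdict = ("no echo request captured" if requests == 0 else
               "requests captured, replies missing" if answered < requests else
               "all requests answered")
    return {"requests": requests, "replies": answered, "verdict": verdict,
            "protocols": dict(Counter(r["proto"] for r in rows))}

# Rows abridged from the two listings in the post (XP = 192.168.0.3, Knoppix = 192.168.0.2)
XP_PINGS_KNOPPIX = """\
No. Time Source Destination Protocol Info
1 0.000000 192.168.0.3 192.168.0.2 ICMP Echo (ping) request
2 0.000223 192.168.0.2 192.168.0.3 ICMP Echo (ping) reply
3 1.000781 192.168.0.3 192.168.0.2 ICMP Echo (ping) request
4 1.000964 192.168.0.2 192.168.0.3 ICMP Echo (ping) reply
"""
KNOPPIX_PINGS_XP = """\
1 0.000000 192.168.0.1 Broadcast ARP Who has 192.168.0.3? Tell 192.168.0.1
2 0.000019 192.168.0.3 192.168.0.1 ARP 192.168.0.3 is at xx:xx:xx:xx:xx:dd
6 5.900866 192.168.0.3 192.168.0.2 SSH Encrypted request packet len=52
7 5.901112 192.168.0.2 192.168.0.3 TCP 22 > 1108 [ACK] Seq=0 Ack=52 Win=7504 Len=0
"""

print(echo_report(parse_summary(KNOPPIX_PINGS_XP), "192.168.0.2", "192.168.0.3"))
```

A verdict of "no echo request captured" only says that no request appears at the point where the capture was taken; capturing on the sending host as well shows whether the request ever left it.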

Harry Kuhman
12-23-2004, 01:29 AM
How very strange. I just pinged from Knoppix (3.7) and watched the pings on ethereal on Knoppix (enter the command sudo ethereal from a shell console, then ping from a shell console), and I clearly saw just the ICMP pings and the replies. I was pinging my win98se desktop, but that hardly matters; Knoppix doesn't send different types of pings when you have XP. I would suggest that you might want to watch from Knoppix (ethereal is already on the CD) as well as from XP. That way you'll know what Knoppix is really sending out as well as what XP says it is getting. Ping your router too just to see how that works and what Knoppix should be seeing. I'm 100% convinced that XP is playing head games with you, but exactly how I'm not sure.