Security Basics mailing list archives

Re: ICMP (Ping)

From: andreas <entmoot () gmx de>
Date: Fri, 5 Sep 2003 09:31:37 +0200

On Tue Sep 02  03:19PM, Paul Kurczaba wrote:

Are there any security issues for allowing a firewall/router to respond to
Ping from the internet?

-Paul Kurczaba


I don't know, if it was mentioned in one of the other replies, but there
is also a technique known to portscan hosts behind a firewall by
allowing icmp code 3 replies (Port unreachable) using a specially
crafted TTL field.

regards, andreas



---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

Current thread:

ICMP (Ping) Paul Kurczaba (Sep 02)
- Re: ICMP (Ping) freeasabird_13 (Sep 03)
  - Re: ICMP (Ping) Ansgar Wiechers (Sep 04)
    - Re: ICMP (Ping) freeasabird_13 (Sep 05)
    - Re: ICMP (Ping) Ansgar Wiechers (Sep 05)
    - Re: ICMP (Ping) Tomas Wolf (Sep 08)
    - Re: ICMP (Ping) Tim Greer (Sep 08)
- Re: ICMP (Ping) Jude Naidoo (Sep 03)
- Re: ICMP (Ping) Tomas Wolf (Sep 03)
- Re: ICMP (Ping) andreas (Sep 05)
- Re: ICMP (Ping) Luca Falavigna (Sep 05)
- <Possible follow-ups>
- Re: ICMP (Ping) Jay Woody (Sep 03)
  - RE: ICMP (Ping) Stuart (Sep 04)
- RE: ICMP (Ping) Tony Kava (Sep 04)
- RE: ICMP (Ping) Jay Woody (Sep 04)
- RE: ICMP (Ping) SMiller (Sep 04)
  - RE: ICMP (Ping) Tim Greer (Sep 04)
    - RE: ICMP (Ping) Gerard Marshall Vignes (Sep 05)
    - RE: ICMP (Ping) Tim Greer (Sep 05)
    - Re: ICMP (Ping) gregh (Sep 05)

(Thread continues...)