Security Basics mailing list archives
Re: ICMP (Ping)
From: Tim Greer <chatmaster () charter net>
Date: 05 Sep 2003 15:45:46 -0700
On Fri, 2003-09-05 at 13:35, Jay Woody wrote:
Not really, they will randomly scan and the RETURN to the ones that replied and run a vuln scan against it. If you didn't reply to begin with then they won't be RETURNING.
Clearly we disagree about the semantics here. While you are married to the idea that no one will bother scanning your server unless it responds to pings, I am of the opinion and experience on my part dictates, that many people will cut out the middle man and just scan to see if it responds to the specific or general services they are targeting and move on if it doesn't respond to those common services. There's no reason to go on arguing about this or insisting it's one way or another--that is not what I personally meant nor claimed. I simply said that it will only save you from being scanned if someone actually used that method. I've rarely seen people not just randomly scan, if they're going to randomly collect IPs. If your system is vulnerable enough to be hit from such a person, you have more to worry about than ping responses or not. A skilled enough attacker will not use that method to determine what systems are alive or not. -- Tim Greer <chatmaster () charter net> --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- RE: ICMP (Ping), (continued)
- RE: ICMP (Ping) Jay Woody (Sep 05)
- RE: ICMP (Ping) Tim Greer (Sep 05)
- RE: ICMP (Ping) Vineet Mehta (Sep 08)
- RE: ICMP (Ping) Tim Greer (Sep 08)
- RE: ICMP (Ping) Tim Greer (Sep 05)
- RE: ICMP (Ping) Jay Woody (Sep 05)
- RE: ICMP (Ping) Tony Kava (Sep 05)
- RE: ICMP (Ping) Tony Kava (Sep 05)
- RE: ICMP (Ping) Jay Woody (Sep 05)
- Re: ICMP (Ping) gregh (Sep 08)
- Re: ICMP (Ping) Joe Bryan NSA (Sep 08)
- Re: ICMP (Ping) gregh (Sep 08)
- Re: ICMP (Ping) Jay Woody (Sep 05)
- Re: ICMP (Ping) Tim Greer (Sep 08)
- Re: ICMP (Ping) Ansgar Wiechers (Sep 08)
- RE: ICMP (Ping) Tim Greer (Sep 08)
- RE: ICMP (Ping) Chris Ess (Sep 08)
- RE: ICMP (Ping) Tim Greer (Sep 08)
- RE: ICMP (Ping) Preston Newton (Sep 08)
- Re: ICMP (Ping) Fyodor (Sep 09)
- RE: ICMP (Ping) Chris Ess (Sep 08)