Security Basics mailing list archives
Re: Removing ping/icmp from a network
From: krymson () gmail com
Date: 2 Apr 2008 16:02:43 -0000
ICMP can be used as a covert channel as well. A bit exotic, but increasingly within the realm of possibility depending on how secure you need to be. I do believe there still exists the case of attacking TCP connections using ICMP as well. Google the tool icmp-reset. <- snip ->
As a matter of interest, does anyone know of an ICMP exploits besides DoS? If there are none, then the whole problem is moot. As I understand it ICMP is an integral part of the TCP stack and as such the code will be there whether you block ICMP or not, so short of having a buggy TCP stack it shouldn't increase exposure much if at all.
Well, Ping of Death comes to mind, but that issue has been fixed ages ago.
Current thread:
- Re: Removing ping/icmp from a network Jason (Apr 01)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Apr 04)
- Re: Removing ping/icmp from a network Jason (Apr 07)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Apr 07)
- Re: Removing ping/icmp from a network Jason (Apr 07)
- Re: Removing ping/icmp from a network Jason (Apr 07)
- Re: Removing ping/icmp from a network Mark Owen (Apr 07)
- Re: Removing ping/icmp from a network Jason (Apr 07)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Apr 04)
- <Possible follow-ups>
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Apr 01)
- Re: Removing ping/icmp from a network Mike Preston - Technomonk Industries (Apr 01)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Apr 01)
- Re: Removing ping/icmp from a network krymson (Apr 02)