Bugtraq mailing list archives
Re: ICMP filtering?
From: ccdes () ccdes princeton nj us (Carl Corey)
Date: Thu, 28 Apr 1994 03:33:58 -0500
In a previous message ccdes () ccdes princeton nj us wroteI know we are getting a cisco router, and I have a question for anyone - what is the latest version of the router software I need to run to keep fake ICMP packets from reaching my hosts? I believe that this was a somewhat recent upgrade by cisco, thus the presence of nuke.c or whatever being used to annoy people.Is this true? If so, I'd be interested to know how this is implemented and also what software revision is required. We use quite a few routers here, some Cisco, some not. I don't see how one could filter 'fake' icmp destination unreachable messages without actually filtering all real ones as well.
I believe that a majority of the packets "nuking" connections out there are not perfect fakes; they are distinguishable from the real thing.
Current thread:
- ICMP filtering? MICHAEL R. WIDNER (Apr 27)
- <Possible follow-ups>
- Re: ICMP filtering? Steve Weeber (Apr 27)
- Re: ICMP filtering? Carl Corey (Apr 28)
- Re: ICMP filtering? G.J.W. Hagenaars (Apr 28)