Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: icmp scans

From: "Acosta, Bob" <acostar () allied-chas com>
Date: Wed, 11 Nov 1998 14:04:46 -0500
The loki paper is excellent, however it should be noted that a remote
program
may have to be embedded on the remote system (possibly already been done
and being
done by dangerous web sites).  There are other risks with
icmp being permitted into your network.  They can be used to screw up
routing
with redirection.      

----------
From: Pawel Maciejewski
To: Neil Ratzlaff; firewall-wizards () nfr net
Cc: fw-1-mailinglist () lists us checkpoint com
Sent: 11/11/98 9:25 AM
Subject:Odp: icmp scans

Hello



2.  Even if these packets made it through the firewall, I don't know

what

it could get them other than confirmation of an existing machine.  Does
anyone know anything else they could do?



Yeah, some types of ICMP packets can be used to establish emulated
"telnet"
connection and many more things.
For further information read the "Loki" paper on
http://www.infonexus.com/~daemon9/Projects/

Greetings

-= Signed =-
-= Pawel Maciejewski =-
-= e-mail : laban () op onet pl =-
-= ICQ #10839029 =-
----------------------------------------
   "Death comes to us all..."
----------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: