Firewall Wizards mailing list archives
RE: icmp scans
From: "Acosta, Bob" <acostar () allied-chas com>
Date: Wed, 11 Nov 1998 14:04:46 -0500
The loki paper is excellent, however it should be noted that a remote program may have to be embedded on the remote system (possibly already been done and being done by dangerous web sites). There are other risks with icmp being permitted into your network. They can be used to screw up routing with redirection. ---------- From: Pawel Maciejewski To: Neil Ratzlaff; firewall-wizards () nfr net Cc: fw-1-mailinglist () lists us checkpoint com Sent: 11/11/98 9:25 AM Subject:Odp: icmp scans Hello
2. Even if these packets made it through the firewall, I don't know
what
it could get them other than confirmation of an existing machine. Does anyone know anything else they could do?
Yeah, some types of ICMP packets can be used to establish emulated "telnet" connection and many more things. For further information read the "Loki" paper on http://www.infonexus.com/~daemon9/Projects/ Greetings -= Signed =- -= Pawel Maciejewski =- -= e-mail : laban () op onet pl =- -= ICQ #10839029 =- ---------------------------------------- "Death comes to us all..." ----------------------------------------
Current thread:
- icmp scans Neil Ratzlaff (Nov 10)
- Re: icmp scans Adam Shostack (Nov 11)
- <Possible follow-ups>
- RE: icmp scans Acosta, Bob (Nov 11)