Firewall Wizards mailing list archives

RE: Borderware Ping Server

From: "Peter Cox" <peter () borderware com>
Date: Wed, 10 Oct 2001 08:54:57 +0100

The BorderWare Ping server simply enables an ICMP Echo response when it is
turned on. By default the BorderWare Firewall Server does not respond to
Ping (or to any connection request), enabling the Ping server on one or more
interfaces enables the Firewall to respond on those interfaces.

What Marcus is describing is our Ping "proxy", which when enabled will
permit a user to ping a system through the Firewall and, assuming that
system is up, to get a response. The Ping proxy is available only for
outbound use (i.e an internal user can ping an external system and not vice
versa) and like all proxies and servers is disabled by default.

The Firewall's integrated hardened operating system includes defences for
ping of death and other denial of service attacks.


_______________________________________________________________
Peter Cox                                 Phone: +44 20 8893 6066
Vice President                            Fax: +44 20 8574 8384
BorderWare Technologies Inc               http://www.borderware.com

-----Original Message-----
From: firewall-wizards-admin () nfr com
[mailto:firewall-wizards-admin () nfr com]On Behalf Of Marcus J. Ranum
Sent: 09 October 2001 16:24
To: Don Ng; firewall-wizards () nfr com
Subject: Re: [fw-wiz] Borderware Ping Server

Seems to be quite unique, is it a proxy server for
ICMP echo request?


I believe that what it did was set a bpf filter for icmp packets, which it
then proxied to the outside world and re-injected on the internal network.
Kind of an interesting concept; I wonder if it would have adequately
protected
against a ping of death attack...

mjr.
---
Marcus J. Ranum          Chief Technology Officer, NFR Security, Inc.
Work:                           http://www.nfr.com
Personal:                      http://www.ranum.com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Borderware Ping Server, (continued)
- Re: Borderware Ping Server Marcus J. Ranum (Oct 09)
  - RE: Borderware Ping Server Ofir Arkin (Oct 17)
    - RE: Borderware Ping Server Matthew Kirkwood (Oct 18)
    - RE: Borderware Ping Server Marcus J. Ranum (Oct 18)
    - RE: Borderware Ping Server Ofir Arkin (Oct 18)
    - RE: Borderware Ping Server Marcus J. Ranum (Oct 20)
    - RE: Borderware Ping Server Ofir Arkin (Oct 23)
    - RE: Borderware Ping Server Matthew Kirkwood (Oct 23)
    - RE: Borderware Ping Server Ofir Arkin (Oct 23)
    - Re: Borderware Ping Server Paul Zatychec (Oct 18)
- RE: Borderware Ping Server Peter Cox (Oct 11)
  - RE: Borderware Ping Server Don Ng (Oct 11)