Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: ICMP ECHO_REQUESTS to BROADCAST addresses (fwd)
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Tue, 22 Jul 1997 23:13:13 +0100


Anyone doing serious multicasting might want to take some preventive measures
with ICMP ECHO_REQUEST packets to the multicast address as well.  I don't
have anything to test it on now, but as I recall, the same behavior, on an
obviously much smaller scale, is present here as well and could likely slip
through router rules if not looked at.


One big problem here is customers. The original Linux code didnt reply
to broadcast pings and everyone screamed their network monitor/mapping tool
didnt work with it even though RFC1122 says its merely a MAY

For Linux/*BSD its easy to firewall the relevant addresses in the OS. Also
firewall 255.255.255.255 otherwise people do things like source routed
all host broadcasts

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]