Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: ICMP ECHO_REQUESTS to BROADCAST addresses (fwd)
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Tue, 22 Jul 1997 23:13:13 +0100


Anyone doing serious multicasting might want to take some preventive measures
with ICMP ECHO_REQUEST packets to the multicast address as well.  I don't
have anything to test it on now, but as I recall, the same behavior, on an
obviously much smaller scale, is present here as well and could likely slip
through router rules if not looked at.

One big problem here is customers. The original Linux code didnt reply
to broadcast pings and everyone screamed their network monitor/mapping tool
didnt work with it even though RFC1122 says its merely a MAY

For Linux/*BSD its easy to firewall the relevant addresses in the OS. Also
firewall 255.255.255.255 otherwise people do things like source routed
all host broadcasts



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault