Home page logo
/

bugtraq logo Bugtraq mailing list archives

TCP/IP implementations do not adequately validate ICMP error messages
From: Alok Menghrajani - Ilion Security SA <alok () ilionsecurity ch>
Date: Tue, 10 May 2005 16:51:25 +0200

Hi,

I was playing around with the ICMP error messages DOS attack (I found an exploit on securityfocus.org bid 13214), and I noticed the following work around:

when I add the following rule to iptables, the linux server (Kernel 2.4.29-grsec) is no longer vulnerable to the DOS:
iptables -I INPUT 1 -p icmp -j DROP

I am interested in knowing if this work around makes any sense. Please keep me informed about this vulnerability.

Thank you,
Alok.

--
ILION Security S.A.
Network Audit by Ethical Hacking

M. Alok Menghrajani
alok () ilionsecurity ch

http://www.ilionsecurity.ch
36, av. Cardinal-Mermillod
CH-1227 Carouge/GE
Tél.: +41 22 343 99 33
Mob.: +41 78 740 88 97
Fax:  +41 22 343 99 34


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault