<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Firewall Wizards: Re: ICMP Packets.

Re: ICMP Packets.

From: Darren Reed <darrenr_at_reed.wattle.id.au>
Date: Wed, 3 Jun 1998 22:46:15 +1000 (EST)

In some email I received from tqbf_at_pobox.com, sie wrote:
[...]
> > 2) Is there a list of ICMP message types that are needed as opposed to
> ones that are just used for troubleshooting ( like echo, echo-reply )
> that can be blocked without problems.
>
> Not that I know of, but you should remember that for information gathering
> purposes, blocking ECHO REQUEST messages is a pretty futile gesture.
[...]

I'd second Perry's comments and mention that you're stopping PMTU from
working, for starters. Whatever is sending out IP packets should be able
to get the ICMP errors which are returned for those packets.

Darren
Received on Jun 03 1998

This message: [ Message body ]
Next message: Toto Zammataro: "ClientAccess and Raptor Eagle 5"
Previous message: Jan.Bervar_at_nil.si: "Re: Dealing with MS Netmeeting & H.323"
In reply to: tqbf_at_pobox.com: "Re: ICMP Packets."
Next in thread: Don Kendrick: "Re: ICMP Packets."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]