Firewall Wizards: RE: Borderware Ping Server

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Firewall Wizards mailing list archives

RE: Borderware Ping Server

From: Matthew Kirkwood <matthew () hairy beasts org>
Date: Wed, 17 Oct 2001 14:59:07 +0100 (BST)

On Tue, 16 Oct 2001, Ofir Arkin wrote:

This is not only the question of ping of death. There is also a very
important issue of how this ping server/proxy validates that the
requests sent and received are truly genuine ICMP echo requests and
replies. Especially data in the data portion of the ICMP echo request
and reply, message length and other gizmos.


Were I writing such a proxy, I'd construct a new ping packet and
send that.  That way, there's no risk of it beind used as a covert
channel.

Of course, doing all this is userspace does decrease the value of
ping, as it won't be much use for anything but "is the host
alive?", but I think that's probably not unreasonable.

Matthew.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

By Date By Thread

Current thread:

Borderware Ping Server Don Ng (Oct 09)
- Re: Borderware Ping Server Marcus J. Ranum (Oct 09)
  - RE: Borderware Ping Server Ofir Arkin (Oct 17)
    - RE: Borderware Ping Server Matthew Kirkwood (Oct 18)
    - RE: Borderware Ping Server Marcus J. Ranum (Oct 18)
    - RE: Borderware Ping Server Ofir Arkin (Oct 18)
    - RE: Borderware Ping Server Marcus J. Ranum (Oct 20)
    - RE: Borderware Ping Server Ofir Arkin (Oct 23)
    - RE: Borderware Ping Server Matthew Kirkwood (Oct 23)