Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: ICMP unreachable question
From: Penetration Testing <pentest () infosecure com au>
Date: Mon, 29 Oct 2001 09:30:22 -0800 (GMT+8)

On Fri, 26 Oct 2001, Steve Culligan wrote:

[snip]

So my question is , Can this be used as a denial of service attack to 
continually send these ICMP packets to a server to confuse it or bring it 
down.
Anybody had any experience with this or know any tools which can generate 
these ICMP reachable packets ?


Steve,

I think the ICMP that you are seeing is Type 3, Code 4.  It would be
pretty easy to put together a little tool to generate these packets using
libnet.

As for whether this could be used for DoS, I guess that depends on the
parameters/options.  If you can send through a packet telling the remote
end to set its MTU to 0, then I imagine that it would effectively kill the
connection.  This would, of course, rely on the ICMP making it past the
firewall.

Regards,
Dave Taylor



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault