Internet Explorer, ICMP Redirect
From: SecDoc (focus-ms@tac-americas.com)Date: 10/17/01
- Previous message: Patrick Andry: "Re: Spamming Through MS Exchange"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <003001c1569b$a05b1d50$6f02000a@tacamericas.com> From: "SecDoc" <focus-ms@tac-americas.com> To: <focus-ms@securityfocus.com> Subject: Internet Explorer, ICMP Redirect Date: Tue, 16 Oct 2001 18:38:15 -0500
What could prevent transmissions from a client running Internet Explorer to
a remote network web server, when:
-This client is on a private RFC 1918 network.
-The web server network is reachable via a router on the "internal" network.
-The default router is a firewall with a private interface and a public,
Internet connected interface.
-The firewall is not the router to the network with the web server.
-The firewall knows how to get to this network.
-There is an exception allowing ALL ICMP traffic from source: private
interface to destination: private interface.
Given these facts, the client should receive an ICMP redirect from the
default router/firewall indicating that it is in fact not the way to the
remote network with the web server, and that the client can instead get to
that network via the router with address X. Instead, the browser times out.
And lastly, there are only 2 ways in which the IE client will connect to the
web server.
1) disable packet filters on the firewall or,
2) having first pinged the remote web server, the router required to reach
the server will be in the workstations routing table and IE will have no
problems reaching the server until the route is removed.
It is strange to me that pinging will allow ICMP redirects but TCP requests
coming down from IE don't end up resulting in the redirect. Thanks for your
help.
- Previous message: Patrick Andry: "Re: Spamming Through MS Exchange"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
