Re: About ping request?

From: Fidelis Yoon (siy24@coconut.co.kr)
Date: 05/18/02 

Date: 18 May 2002 08:06:52 -0000
From: Fidelis Yoon <siy24@coconut.co.kr>
To: focus-ms@securityfocus.com
('binary' encoding is not supported, stored as-is) In-Reply-To: <Pine.LNX.4.44.0205172131100.25357-100000@lodos.ieee.metu.edu.tr>

ICMP protocol can be blocked via the IPSec filtering not
via the TCP/IP filtering.
With TCP/IP filtering, ICMP traffic will still be allowed
to and from the host even though you have not chosen to
allow IP protocol 1(ICMP).

Try IPSec Security Policy in W2K.
The follow links provide the related information about it.
http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q313190
http://www.microsoft.com/windows2000/en/datacenter/help/defa
ult.asp?url=/windows2000/en/datacenter/help/ipsec_filter-
spec_create.htm
http://www.microsoft.com/SERVICEPROVIDERS/columns/using_ipse
c.asp

Thanks,
Fidelis
Researcher in Information Security Lab of COCONUT
(http://www.coconut.co.kr)
My GPG Public key can be obtained from http://pgp.mit.edu
by using its Key ID : 0xE69528B1

>Received: (qmail 18799 invoked from network); 18 May 2002
00:12:03 -0000
>Received: from outgoing3.securityfocus.com (HELO
outgoing.securityfocus.com) (66.38.151.27)
> by mail.securityfocus.com with SMTP; 18 May 2002
00:12:03 -0000
>Received: from lists.securityfocus.com
(lists.securityfocus.com [66.38.151.19])
> by outgoing.securityfocus.com (Postfix) with QMQP
> id 3BFD7A3404; Fri, 17 May 2002 12:46:35 -0600 (MDT)
>Mailing-List: contact focus-ms-help@securityfocus.com; run
by ezmlm
>Precedence: bulk
>List-Id: <focus-ms.list-id.securityfocus.com>
>List-Post: <mailto:focus-ms@securityfocus.com>
>List-Help: <mailto:focus-ms-help@securityfocus.com>
>List-Unsubscribe: <mailto:focus-ms-
unsubscribe@securityfocus.com>
>List-Subscribe: <mailto:focus-ms-
subscribe@securityfocus.com>
>Delivered-To: mailing list focus-ms@securityfocus.com
>Delivered-To: moderator for focus-ms@securityfocus.com
>Received: (qmail 15551 invoked from network); 17 May 2002
18:35:51 -0000
>Date: Fri, 17 May 2002 21:37:38 +0300 (EEST)
>From: Ceyhun KIRMIZITAS <ceyhun@ieee.metu.edu.tr>
>To: focus-ms@securityfocus.com
>Subject: About ping request?
>In-Reply-To:
<9D0DEFBC7C30D31188B7204C4F4F5020018446AC@THMAIL>
>Message-ID: <Pine.LNX.4.44.0205172131100.25357-
100000@lodos.ieee.metu.edu.tr>
>MIME-Version: 1.0
>Content-Type: TEXT/PLAIN; charset=US-ASCII
>X-Virus-Scanned: by AMaViS snapshot-20010714
>
>Hello,
>My question is about ping request. I want to block ping
request if it
>comes from outside and I want to be able to ping other
hosts.In other
>words, I want to block all ping request one way only.
>
>How can I do that? I have been already tried to do
something with IPSec,
>TCP/IP filters etc.
>If there are anyone who know how to to do this, please
tell me the way.
>
>Thank you
>Ceyhun Kirmizitas
>
>

Relevant Pages

  • Re: Filtering
    ... I use TCP/IP Filtering in the same situation. ... I didn't know any factors why I MUST use IPSec. ... It is only my preference. ... > hosts. ...
    (microsoft.public.windows.server.general)
  • Re: Restricting IIS to service only local requests
    ... Thanks very much, I'll look into IPSec ... workstation. ... >I would recommend a firewall to do this. ... >You could use TCP/IP filtering or IPSec filtering. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Filtering
    ... IPSec instead of TCP/IP filtering. ... hosts. ...
    (microsoft.public.windows.server.general)
  • Re: TCP/IP Filtering
    ... If you want more flexible solution I would recommend that you use IPSec ... Filters instead of TCP/IP Filtering ...
    (microsoft.public.windows.server.general)
  • About ping request?
    ... My question is about ping request. ... I want to block ping request if it ... I have been already tried to do something with IPSec, ... TCP/IP filters etc. ...
    (Focus-Microsoft)