Re: ICMP unreachable question
From: Penetration Testing (pentest@infosecure.com.au)Date: 10/29/01
- Previous message: Ryan Permeh: "Re: xprobe 0.2"
- In reply to: Steve Culligan: "ICMP unreachable question"
- Next in thread: Ofir Arkin: "RE: ICMP unreachable question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Oct 2001 09:30:22 -0800 (GMT+8) From: Penetration Testing <pentest@infosecure.com.au> To: Steve Culligan <stephen_culligan@hotmail.com> Subject: Re: ICMP unreachable question Message-ID: <Pine.LNX.4.21.0110290920530.19564-100000@gateway.infosecure.com.au>
On Fri, 26 Oct 2001, Steve Culligan wrote:
> [snip]
>
> So my question is , Can this be used as a denial of service attack to
> continually send these ICMP packets to a server to confuse it or bring it
> down.
> Anybody had any experience with this or know any tools which can generate
> these ICMP reachable packets ?
>
Steve,
I think the ICMP that you are seeing is Type 3, Code 4. It would be
pretty easy to put together a little tool to generate these packets using
libnet.
As for whether this could be used for DoS, I guess that depends on the
parameters/options. If you can send through a packet telling the remote
end to set its MTU to 0, then I imagine that it would effectively kill the
connection. This would, of course, rely on the ICMP making it past the
firewall.
Regards,
Dave Taylor
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Ryan Permeh: "Re: xprobe 0.2"
- In reply to: Steve Culligan: "ICMP unreachable question"
- Next in thread: Ofir Arkin: "RE: ICMP unreachable question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
