RE: ICMP TYPE 3
From: R. DuFresne (dufresne_at_sysinfo.com)
Date: 09/15/03
- Previous message: Peter Parker: "Verification of system binaries"
- In reply to: Sekurity Wizard: "RE: ICMP TYPE 3"
- Next in thread: Byron Copeland: "RE: ICMP TYPE 3"
- Reply: Byron Copeland: "RE: ICMP TYPE 3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 15 Sep 2003 14:13:20 -0400 (EDT) To: Sekurity Wizard <s.wizard@boundariez.com>
And this is a good thing, as being able to ping the broadcast address can
create a ping storm. There are still many sites that are not setup to
prevent this and used as tools to ping flood others.
Thanks,
Ron DuFresne
On Sun, 14 Sep 2003, Sekurity Wizard wrote:
> That's your default route....it's telling you that you can't do what
> you're trying to do.
>
> -----Original Message-----
> From: gr00vy [mailto:groovy2600@yahoo.com.ar]
> Sent: Saturday, September 13, 2003 12:00 AM
> To: pentest
> Subject: ICMP TYPE 3
>
>
> While I was doing some researching work I ping a broadcast ip address
> and for my surprise i recieve an extrange response:
>
> FIRST RESPONSE:
>
> Internet Protocol, Src Addr: 200-70-xxx-164.rse.com.ar (200.70.xxx.164),
> Dst Addr: 200-70-xxx-121.rse.com.ar (200.70.xxx.121) Internet Control
> Message Protocol
> Type: 0 (Echo (ping) reply)
> Code: 0
>
> SECOND RESPONSE:
>
> Internet Protocol, Src Addr: 172.xxx.230.242 (172.xxx.230.242), Dst
> Addr: 200-70-xxx-121.rse.com.ar (200.70.xxx.121)
> Internet Control Message Protocol
> Type: 3 (Destination unreachable)
> Code: 13 (Communication administratively filtered) <<< Weird!
>
> The OS's seems to be (xprobe):
>
> First ROUTER
> [+] Host 200.70.xxx.164 Running OS: "HP JetDirect ROM G.07.02 EEPROM
> G.07.20" (Guess probability: 87%)
>
> Second ROUTER
> [+] Host 172.xxx.230.242 Running OS: "Cisco IOS 12.2" (Guess
> probability: 71%)
>
>
> My question is, what is it? an ACL? why do i get a response of a machine
> i did not ping??? maybe it is a extrange behavior from Cisco ios. This
> might help to fingerprint Os's who knows ????
>
> Bye
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
- Previous message: Peter Parker: "Verification of system binaries"
- In reply to: Sekurity Wizard: "RE: ICMP TYPE 3"
- Next in thread: Byron Copeland: "RE: ICMP TYPE 3"
- Reply: Byron Copeland: "RE: ICMP TYPE 3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
