Re: ICMP (Ping)
From: Jude Naidoo (jude007_at_jnaidoo.fsnet.co.uk)
Date: 09/03/03
- Previous message: LDC - Pablo Endres Lozada: "Cisco VPN and Linux"
- In reply to: Paul Kurczaba: "ICMP (Ping)"
- Next in thread: Jay Woody: "Re: ICMP (Ping)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Paul Kurczaba" <paul@myipis.com> Date: Wed, 3 Sep 2003 09:08:47 +0100
Hi Paul
Yes there are security issues.
The aim is to make the firewall invisible to the internet. Also by allowing
ICMP to the firewall from a totally untrusted domain, you open your firewall
to DoS attacks, as well as the possibility of having your firewall
compromised.
You may want to read the following thread and find out a bit more :-)
http://www.geocrawler.com/mail/thread.php3?subject=%5BFW1%5D+ICMP+Traffic+Security+Issues&list=98
Thanks
Jude
----- Original Message -----
From: "Paul Kurczaba" <paul@myipis.com>
To: <security-basics@securityfocus.com>
Sent: Tuesday, September 02, 2003 8:19 PM
Subject: ICMP (Ping)
> Are there any security issues for allowing a firewall/router to respond to
> Ping from the internet?
>
> -Paul Kurczaba
>
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event. Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------
- Previous message: LDC - Pablo Endres Lozada: "Cisco VPN and Linux"
- In reply to: Paul Kurczaba: "ICMP (Ping)"
- Next in thread: Jay Woody: "Re: ICMP (Ping)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
