Re: Ok to let all ICMP traffic through firewall?

• Previous message: Hairy One Kenobi: "Re: Ok to let all ICMP traffic through firewall?"
• In reply to:(deleted message) Dave Dowson: "Re: Ok to let all ICMP traffic through firewall?"
• Next in thread: Volker Birk: "Re: Ok to let all ICMP traffic through firewall?"
• Reply: Volker Birk: "Re: Ok to let all ICMP traffic through firewall?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 25 Sep 2005 00:10:30 +0000 (UTC)

In article <sxmo84$rdt$n@ddka.demon.co.uk>,
Dave Dowson <r030102${dd}.nospam@ddka.demon.co.uk> wrote:
:Tell me - what is the risk of sending an ICMP packet to anyone?
:You've said that you block such responses - but why? What is the risk
:you perceive in sending a messages which (in general) does not require
:a response and so cannot have any impact on your network? Or are you
:suggesting that your networks are so insecure that you need to protect
:them from things that would not even be a threat to the clueless
:newbie home computer user?

There was an attack publicized within the last few years, in
which attackers sent ICMP Network Redirect and Host Redirect
(which don't require responses...) specifying IP addresses
of major banking sites. Networks whose administrators were not
blocking ICMP Redirects had their users redirected to clone
sites made to -look- like the banking sites, but which copied
the username and passwords entered; the perpetrators then
proceeded to steal from peoples' bank accounts and credit cards.

-- 
  If you like, you can repeat the search with the omitted results included.

• Previous message: Hairy One Kenobi: "Re: Ok to let all ICMP traffic through firewall?"
• In reply to:(deleted message) Dave Dowson: "Re: Ok to let all ICMP traffic through firewall?"
• Next in thread: Volker Birk: "Re: Ok to let all ICMP traffic through firewall?"
• Reply: Volker Birk: "Re: Ok to let all ICMP traffic through firewall?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Ok to let all ICMP traffic through firewall? ... :Tell me - what is the risk of sending an ICMP packet to anyone? ... which attackers sent ICMP Network Redirect and Host Redirect ... (comp.security.firewalls) Re: Ok to let all ICMP traffic through firewall? ... :Tell me - what is the risk of sending an ICMP packet to anyone? ... which attackers sent ICMP Network Redirect and Host Redirect ... (alt.computer.security) Re: Ok to let all ICMP traffic through firewall? ... >>need to have ICMP responses form our networks get it, ... so now you are saying that you block outgoing ICMP ... > Tell me - what is the risk of sending an ICMP packet to anyone? ... it's not a general risk to your network because they ... (comp.security.misc) Re: Ok to let all ICMP traffic through firewall? ... >>need to have ICMP responses form our networks get it, ... so now you are saying that you block outgoing ICMP ... > Tell me - what is the risk of sending an ICMP packet to anyone? ... it's not a general risk to your network because they ... (comp.security.firewalls) Re: Ok to let all ICMP traffic through firewall? ... >>need to have ICMP responses form our networks get it, ... so now you are saying that you block outgoing ICMP ... > Tell me - what is the risk of sending an ICMP packet to anyone? ... it's not a general risk to your network because they ... (alt.computer.security)