Educause Security Discussion mailing list archives
Re: ICMP blocking
From: Joe St Sauver <joe () OREGON UOREGON EDU>
Date: Thu, 7 Dec 2006 10:12:17 -0800
Russell mentioned: #Diagnostics work to machines that are visible on the 'Net but you can't #easily enumerate stuff behind the firewall. # #One unintended consequence of the firewall is that udp trace routes are #blocked unless the the address has a udp port open and you select that #port to trace route on. If the concern is network reconnaisance, things like tcptraceroute (see http://michael.toren.net/code/tcptraceroute/ ) should also be kept in mind, or host enumeration via passive approaches that may also yield at least a partial roster (e.g., consider a DNS-based passive approach) Regards, Joe
Current thread:
- Re: ICMP blocking, (continued)
- Re: ICMP blocking ken lindahl (Dec 06)
- Re: ICMP blocking Jeff Kell (Dec 06)
- Re: ICMP blocking Constantakos, William (Dec 06)
- Re: ICMP blocking Randy Marchany (Dec 06)
- Re: ICMP blocking David Gillett (Dec 06)
- Re: ICMP blocking John Ladwig (Dec 06)
- Re: ICMP blocking David Lundy (Dec 06)
- Re: ICMP blocking Gary Flynn (Dec 06)
- Re: ICMP blocking Ken Connelly (Dec 06)
- Re: ICMP blocking Russell Fulton (Dec 07)
- Re: ICMP blocking Joe St Sauver (Dec 07)