Full Disclosure mailing list archives
Re: ICMP Security Vulnerabilities - NEW (cough)
From: Chad Loder <cloder () loder us>
Date: Thu, 14 Jul 2005 12:58:22 -0700
Vic, Maybe you need to read (not skim) Fernando's draft? The title is "ICMP Attacks Against TCP", and let me emphasize the TCP part. I find it interesting that you've gone through the trouble of writing a 10 page email in which you seem to be claiming partial credit for someone else's work, but you have not bothered to include any references to substantiate your claims, other than a mailing list you can't remember, some private conversations on a tangentially related subject you've had with associates over the years, and your newbie ICMP guide. Unfortunately your email adds nothing new to the discussion and only shows that you did not take the time to understand the draft, nor the fixes that have been implemented in OpenBSD and Linux. Now, regarding your guide to ICMP filtering. First, your guide says nothing about the blind ICMP attacks against TCP in Fernando's paper. Your guide appears to be a summary of other information (including guides and published exploits) available well before 1994 (including, for god's sake, the "Security Considerations" sections of RFC's published in 1990 and even earlier). In addition, some of the advice in your guide is dangerous for basically anyone other than home users sitting behind a firewall. This, too, was widely known before your guide was published. You need to hit the books. -Chad Loder _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: ICMP Security Vulnerabilities - NEW (cough) Chad Loder (Jul 15)
- Re: ICMP Security Vulnerabilities - NEW (cough) Vic Vandal (Jul 22)