Re: ICMP (Ping)

[Tomas Wolf <tomas () skip cz>]

Well, if you have a good set of rules, you can make it harder for 
attacker to find out that your nod is there... It is possible to find 
out if it is really there or not by issuing several different scanns 
with different flags on -- and observing the response packets. If I ping 
you, then I know that there is a machine and from that point on it is a 
matter of will... Gathering info & sooner or later attack on a 
volnurable services or some nodes around that could reveal more about 
your traffic, social engineer whoever could know anything about it... By 
other words, one shouldn't get easily discovered by blind network ping 
scans.
That is all to my knowledge...
Tomas

Paul Kurczaba wrote:

> Are there any security issues for allowing a firewall/router to respond to
> Ping from the internet?
>
> -Paul Kurczaba
>  



---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------