Firewall Wizards mailing list archives
icmp scans - what about fragmented ICMP packets ?
From: "Pawel Maciejewski" <laban () op onet pl>
Date: Fri, 13 Nov 1998 00:38:04 +0100
Hello again I wonder is it possible (and usefull) to fragment ICMP packets (in ex. ICMP echo request). Some firewalls (like sinus 0.2.9 if im not wrong) doesn't like fragmented packets at all - if they don't know what to do with them, they just drop or let them pass (of course it also may depends on few other things in ex. kernel configuration). So it can be really nice way to scan which hosts are alive behind the wall (when the wall has the blocked all incoming ICMP packets, but let fragmented packets pass), and can be a background for a next stage of attack. Thanks and greetings -= Signed =- -= Pawel Maciejewski =- -= e-mail : laban () op onet pl =- -= ICQ #10839029 =- ---------------------------------------- "Death comes to us all..." ----------------------------------------
Current thread:
- icmp scans - what about fragmented ICMP packets ? Pawel Maciejewski (Nov 12)
- Re: icmp scans - what about fragmented ICMP packets ? Darren Reed (Nov 13)