Firewall Wizards mailing list archives
RE: how to block ICMP tunneling?
From: Jason Diesel <jdiesel () axent com>
Date: Mon, 19 Jul 1999 14:52:40 -0400
Unless you have an application based firewall! Where the firewall is actually scanning the contents of the pay load to check which commands for that associated application protocol are coming in. If they are unrecognised for say... DNS, then the firewall will not let them in. The firewall will then log and alert as necessary. Jason -----Original Message----- ... BO2k is, to me, a demonstration of where firewalls stop being useful. The attacker gets his back door onto your network, converting a trusted machine into his base of operations. You now have a problem that an 'insider' can start doing nasty stuff inside your firewall. ...
Current thread:
- how to block ICMP tunneling? Razvan Peteanu (Jul 16)
- Re: how to block ICMP tunneling? Darren Reed (Jul 18)
- Re: how to block ICMP tunneling? Sebastian Krahmer (Jul 19)
- Re: how to block ICMP tunneling? Ted Doty (Jul 18)
- Re: how to block ICMP tunneling? Adam Shostack (Jul 19)
- BO2k : was (Re: how to block ICMP tunneling?) Jason Brvenik (Jul 20)
- <Possible follow-ups>
- RE: how to block ICMP tunneling? Jason Diesel (Jul 19)
- RE: how to block ICMP tunneling? Kevin Steves (Jul 26)
- RE: how to block ICMP tunneling? Kyle Starkey (Jul 19)
- Re: how to block ICMP tunneling? Joseph S D Yao (Jul 20)
- Re: how to block ICMP tunneling? Chris Brenton (Jul 20)
- Re: how to block ICMP tunneling? carson (Jul 21)
- Re: how to block ICMP tunneling? Geva Patz (Jul 20)
- RE: how to block ICMP tunneling? Marcus J. Ranum (Jul 19)
- Re: how to block ICMP tunneling? Steven M. Bellovin (Jul 20)
- RE: how to block ICMP tunneling? Ben Nagy (Jul 20)
- Re: how to block ICMP tunneling? Ryan Russell (Jul 21)
(Thread continues...)
- Re: how to block ICMP tunneling? Darren Reed (Jul 18)