Firewall Wizards mailing list archives
Re: how to block ICMP tunneling?
From: "Steven M. Bellovin" <smb () research att com>
Date: Mon, 19 Jul 1999 20:32:48 -0400
In message <3988F0001E0BD31192180090274077D0702CC0 () sj-msg01 altera com>, Kyle S tarkey writes:
I was under the impression that ICMP should be blocked coming from the outside. I can't think of any reason you would want some one from the outside PINGing, TRACRTing or otherwise Probing your internal network for active hosts. IMHO you should simply block the entire proctocol from the outside.
If you do, you break Path MTU, which can disrupt communications to many sites.
Current thread:
- Re: how to block ICMP tunneling?, (continued)
- Re: how to block ICMP tunneling? Adam Shostack (Jul 19)
- BO2k : was (Re: how to block ICMP tunneling?) Jason Brvenik (Jul 20)
- RE: how to block ICMP tunneling? Jason Diesel (Jul 19)
- RE: how to block ICMP tunneling? Kevin Steves (Jul 26)
- RE: how to block ICMP tunneling? Kyle Starkey (Jul 19)
- Re: how to block ICMP tunneling? Joseph S D Yao (Jul 20)
- Re: how to block ICMP tunneling? Chris Brenton (Jul 20)
- Re: how to block ICMP tunneling? carson (Jul 21)
- Re: how to block ICMP tunneling? Geva Patz (Jul 20)
- RE: how to block ICMP tunneling? Marcus J. Ranum (Jul 19)
- Re: how to block ICMP tunneling? Steven M. Bellovin (Jul 20)
- RE: how to block ICMP tunneling? Ben Nagy (Jul 20)
- Re: how to block ICMP tunneling? Ryan Russell (Jul 21)
- Re: how to block ICMP tunneling? Dru (Jul 26)
- RE: how to block ICMP tunneling? Jason Diesel (Jul 21)
- Re: how to block ICMP tunneling? Adam Shostack (Jul 23)
- RE: how to block ICMP tunneling? Marcus J. Ranum (Jul 23)
- Re: how to block ICMP tunneling? Sean Costello (Jul 29)
- Re: how to block ICMP tunneling? Sean Costello (Jul 29)
- Fw: how to block ICMP tunneling? Sean Costello (Jul 30)
- Re: how to block ICMP tunneling? Adam Shostack (Jul 19)