Firewall Wizards mailing list archives
RE: Borderware Ping Server
From: Matthew Kirkwood <matthew () hairy beasts org>
Date: Wed, 17 Oct 2001 14:59:07 +0100 (BST)
On Tue, 16 Oct 2001, Ofir Arkin wrote:
This is not only the question of ping of death. There is also a very important issue of how this ping server/proxy validates that the requests sent and received are truly genuine ICMP echo requests and replies. Especially data in the data portion of the ICMP echo request and reply, message length and other gizmos.
Were I writing such a proxy, I'd construct a new ping packet and send that. That way, there's no risk of it beind used as a covert channel. Of course, doing all this is userspace does decrease the value of ping, as it won't be much use for anything but "is the host alive?", but I think that's probably not unreasonable. Matthew. _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Borderware Ping Server Don Ng (Oct 09)
- Re: Borderware Ping Server Marcus J. Ranum (Oct 09)
- RE: Borderware Ping Server Ofir Arkin (Oct 17)
- RE: Borderware Ping Server Matthew Kirkwood (Oct 18)
- RE: Borderware Ping Server Marcus J. Ranum (Oct 18)
- RE: Borderware Ping Server Ofir Arkin (Oct 18)
- RE: Borderware Ping Server Marcus J. Ranum (Oct 20)
- RE: Borderware Ping Server Ofir Arkin (Oct 23)
- RE: Borderware Ping Server Matthew Kirkwood (Oct 23)
- RE: Borderware Ping Server Ofir Arkin (Oct 23)
- RE: Borderware Ping Server Ofir Arkin (Oct 17)
- Re: Borderware Ping Server Marcus J. Ranum (Oct 09)
- Re: Borderware Ping Server Paul Zatychec (Oct 18)
- <Possible follow-ups>
- RE: Borderware Ping Server Peter Cox (Oct 11)
- RE: Borderware Ping Server Don Ng (Oct 11)