Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Subnet masks in Dotted-Decimal format

From: "Livio Zanol Puppim" <livio.zanol.puppim () gmail com>
Date: Thu, 19 Oct 2006 16:30:11 -0300
Normally, you would just filter every ICMP traffic and permit what kind of
traffic you want..
And you have to agree with me, some kind of ICMPs messages are just
useless...


2006/10/19, Arturo 'Buanzo' Busleiman <buanzo () buanzo com ar>:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

William McVey wrote:

Actually, RFC 2979 (sect 3.1.1) clearly states that it's acceptable for
firewalls to block ICMP Echo and Echo Reply messages.


Yes, but I'd say that the problem comes when someone filters ALL of in/out
ICMP :P

Lots of people still mistake icmp echo request/reply with "icmp", not
knowing all of the other types.

- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad
Informatica
http://www.buanzo.com.ar | http://www.vivamoslavida.com.ar : Portal
no-comercial del buen vivir!
for f in www blog foros linux-consulting vpnmail; do firefox
http://$f.buanzo.com.ar ; done
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFN9D1AlpOsGhXcE0RAln5AJwMA0BcJv0UYZyjyKeR1izgMMIhBQCeKkl7
ohGCvhPHTyMTTZNdIik0yyY=
=62W5
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: