Penetration Testing mailing list archives
Re: ICMP unreachable question
From: Penetration Testing <pentest () infosecure com au>
Date: Mon, 29 Oct 2001 09:30:22 -0800 (GMT+8)
On Fri, 26 Oct 2001, Steve Culligan wrote:
[snip] So my question is , Can this be used as a denial of service attack to continually send these ICMP packets to a server to confuse it or bring it down. Anybody had any experience with this or know any tools which can generate these ICMP reachable packets ?
Steve, I think the ICMP that you are seeing is Type 3, Code 4. It would be pretty easy to put together a little tool to generate these packets using libnet. As for whether this could be used for DoS, I guess that depends on the parameters/options. If you can send through a packet telling the remote end to set its MTU to 0, then I imagine that it would effectively kill the connection. This would, of course, rely on the ICMP making it past the firewall. Regards, Dave Taylor ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- ICMP unreachable question Steve Culligan (Oct 26)
- Re: ICMP unreachable question Penetration Testing (Oct 29)
- RE: ICMP unreachable question Ofir Arkin (Oct 29)
- Re: ICMP unreachable question Crist J. Clark (Oct 30)