Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ICMP unreachable question

From: Penetration Testing <pentest () infosecure com au>
Date: Mon, 29 Oct 2001 09:30:22 -0800 (GMT+8)
On Fri, 26 Oct 2001, Steve Culligan wrote:


[snip]

So my question is , Can this be used as a denial of service attack to 
continually send these ICMP packets to a server to confuse it or bring it 
down.
Anybody had any experience with this or know any tools which can generate 
these ICMP reachable packets ?



Steve,

I think the ICMP that you are seeing is Type 3, Code 4.  It would be
pretty easy to put together a little tool to generate these packets using
libnet.

As for whether this could be used for DoS, I guess that depends on the
parameters/options.  If you can send through a packet telling the remote
end to set its MTU to 0, then I imagine that it would effectively kill the
connection.  This would, of course, rely on the ICMP making it past the
firewall.

Regards,
Dave Taylor



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: