Vulnerability Development mailing list archives

Re: ICMP and BlackICE (fwd)


From: Jim Wildman <jim () ROSSBERRY COM>
Date: Fri, 8 Sep 2000 07:53:36 -0500

I've found that out as well.  For instance, aggressive ICMP blocking
breaks www.four11.com.

But which ones?

--------------------------------------------------------------------------
Jim Wildman                    Managing Consultant, marchFIRST
jim () rossberry com               jim.wildman () marchfirst com
www.rossberry.com                          www.marchfirst.com
(513)766-2002 x4209            (972)560-7356

On Thu, 7 Sep 2000, James Robbins wrote:

jed,
    We just got bit by this a little while ago.  You cannot block all
ICMP traffic.  Ping is only one type of service sent over ICMP.
A list of the services supported by ICMP is:

Echo Reply (Ping)
Destination Unreachable
Source Quench
Redirect (change a route)
Echo Request (Ping)
Time Exceeded for a Datagram
Parameter Problem on a Datagram
Timestamp Request
Timestamp Reply
Information Request
Information Reply
Address Mask Request
Address Mask Reply

Some of these you can block with no ill effect.  Others will
break a lot of stuff.

--
James A. Robbins
Senior Design Engineer, Network Engineer
The Ohio State University
Chemistry Department
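
As an added example (not part of either post, and not any firewall product's own code): a Python sketch that parses a raw ICMP message, names it using the RFC 792/950 type numbers for the list above, and applies an inbound allow list. The allow list is this example's assumption, not an answer given in the thread, and the sample messages are constructed.

```python
import struct

# Type numbers (RFC 792, RFC 950) for the message names listed in the post.
ICMP_TYPES = {
    0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench",
    5: "Redirect", 8: "Echo Request", 11: "Time Exceeded",
    12: "Parameter Problem", 13: "Timestamp Request", 14: "Timestamp Reply",
    15: "Information Request", 16: "Information Reply",
    17: "Address Mask Request", 18: "Address Mask Reply",
}
# Assumption of this example, not stated in the thread: inbound, keep echo
# replies and the error messages that hosts act on; drop everything else.
ALLOW_INBOUND = {0, 3, 11, 12}

def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type, code, rest=b"\x00" * 4, payload=b""):
    """Build a constructed sample message with a valid checksum."""
    body = rest + payload
    csum = internet_checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, csum) + body

def classify(message: bytes):
    """Return (action, name, reason) for one raw ICMP message."""
    if len(message) < 8:
        return ("drop", "malformed", "shorter than the 8-byte ICMP header")
    if internet_checksum(message) != 0:
        return ("drop", "malformed", "checksum does not verify")
    icmp_type, code = message[0], message[1]
    name = ICMP_TYPES.get(icmp_type, "type %d" % icmp_type)
    if icmp_type == 3 and code == 4:
        mtu = struct.unpack("!H", message[6:8])[0]  # RFC 1191 next-hop MTU
        return ("allow", name, "fragmentation needed, next-hop MTU %d" % mtu)
    if icmp_type in ALLOW_INBOUND:
        return ("allow", name, "on the allow list")
    return ("drop", name, "not on the allow list")

if __name__ == "__main__":
    for msg in (build_icmp(8, 0, payload=b"constructed"),
                build_icmp(3, 4, rest=b"\x00\x00\x05\x78"),
                build_icmp(17, 0)):
        print(classify(msg))
```

Destination Unreachable with code 4 is singled out because path MTU discovery (RFC 1191) relies on it, which is one way blanket ICMP blocking breaks connections to some sites.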


