[unisog] Necessary ICMP traffic and the SANS/FBI top 20 Vulnerabilities

John Sarraille john at alcyone.csustan.edu
Mon Jun 16 22:44:57 GMT 2003


I think it's worth considering that pinging still plays a role in doing 
the semi-annual Internet Domain Survey.

http://www.isc.org/ds/new-survey.html


On Monday, Jun 16, 2003, at 07:25 US/Pacific, Mayne, Jim wrote:

>
> In the SANS/FBI top 20 vulnerabilities they suggest blocking incoming 
> ICMP echo requests and outgoing replies as well as blocking outgoing 
> destination unreachable (except for fragmentation needed) messages.
>
> Given all the other ICMP messages available to intruders I am curious 
> if a better approach would not be to allow only fragmentation needed 
> (3-4) and source quench in/out of your network. It seems that any 
> others should only be passing between nodes inside your network.
>
> Is this not true?
>
> Thanks,
>
> Jim Mayne
> Sr. Network Engineer
> Texas Christian University
> j.mayne at tcu.edu
> (817) 257-6843
>
==================================================================
John Sarraille, Professor        ||  john at ishi.csustan.edu
Computer Science Department      ||  (209) 667-3345 (office)
Calif. State Univ., Stanislaus,  ||  (209) 667-3185 (secretary)
Turlock, CA 95382-0256           ||  (209) 667-3333 (fax)
==================================================================
Unity
==================================================================



More information about the unisog mailing list