[unisog] Necessary ICMP traffic and the SANS/FBI top 20 Vulnerabilities
john at alcyone.csustan.edu
Mon Jun 16 22:44:57 GMT 2003
I think it's worth considering that pinging still plays a role in doing
the semi-annual Internet Domain Survey.
On Monday, Jun 16, 2003, at 07:25 US/Pacific, Mayne, Jim wrote:
> In the SANS/FBI top 20 vulnerabilities they suggest blocking incoming
> ICMP echo requests and outgoing replies as well as blocking outgoing
> destination unreachable (except for fragmentation needed) messages.
> Given all the other ICMP messages available to intruders I am curious
> if a better approach would not be to allow only fragmentation needed
> (3-4) and source quench in/out of your network. It seems that any
> others should only be passing between nodes inside your network.
> Is this not true?
> Jim Mayne
> Sr. Network Engineer
> Texas Christian University
> j.mayne at tcu.edu
> (817) 257-6843
John Sarraille, Professor || john at ishi.csustan.edu
Computer Science Department || (209) 667-3345 (office)
Calif. State Univ., Stanislaus, || (209) 667-3185 (secretary)
Turlock, CA 95382-0256 || (209) 667-3333 (fax)
More information about the unisog