ICMP Vulnerability

Dean Anderson dean at av8.com
Tue Apr 12 14:37:16 UTC 2005


On Tue, 12 Apr 2005, Hannigan, Martin wrote:

> There's been a rumor on the street that an unnamed large router vendor
> is releasing something around this today as well:
> 
> http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en

Is this something new to do with source-quench, or is it the ages-old
source-quench attack?



From: Dean Anderson <dean at av8.com>
To: Rudi Starcevic <tech at wildcash.com>
Cc: netfilter at lists.netfilter.org
Subject: Re: Essential ICMP

No, that would be wildly wrong.

Necessary messages: (never block)
        3 Destination Unreachable 
                (block code 4 and break PATH MTU)
                (other codes are "Nice")

Good Messages: (never harmful)
        11 Time to live Exceeded

Nice messages: (sometimes harmful)
        4 Source Quench  
        8/0 Echo Request/Reply
        12 Parameter Problem
        13/14 Timestamp Request/Reply
        15/16 Information Request/Reply


Dangerous (ought to be blocked, unless you know you need it; 
                in that case tightly restricted)
        5 Redirect


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   
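
An added example, not part of the original post: a Python sketch that parses a raw ICMPv4 message (IP header already stripped) and assigns it to the tiers listed in the message above, pulling out the next-hop MTU that is lost when type 3 code 4 is dropped. The names `TIERS`, `classify` and `build` and the "unlisted" label are this example's own, and the sample packets are constructed.

```python
import struct

# Tiers as listed in the post; type 3 is handled per code in classify().
TIERS = {
    11: "good",                 # Time to Live Exceeded
    4: "nice",                  # Source Quench
    8: "nice", 0: "nice",       # Echo Request / Reply
    12: "nice",                 # Parameter Problem
    13: "nice", 14: "nice",     # Timestamp Request / Reply
    15: "nice", 16: "nice",     # Information Request / Reply
    5: "dangerous",             # Redirect
}

def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def classify(icmp: bytes) -> dict:
    """Parse the 8-byte ICMP header and return type, code, tier and PMTU."""
    if len(icmp) < 8:
        raise ValueError("ICMP header is at least 8 bytes")
    typ, code, _cksum, rest = struct.unpack("!BBHI", icmp[:8])
    if typ == 3:
        # Per the post: code 4 is the one that must never be blocked,
        # the other Destination Unreachable codes are "Nice".
        tier = "necessary" if code == 4 else "nice"
    else:
        tier = TIERS.get(typ, "unlisted")
    # RFC 1191: for type 3 code 4 the low 16 bits of the second header
    # word carry the next-hop MTU that Path MTU Discovery depends on.
    pmtu = rest & 0xFFFF if (typ, code) == (3, 4) else None
    # A valid message checksums to zero when its own checksum is included.
    return {"type": typ, "code": code, "tier": tier, "pmtu": pmtu,
            "checksum_ok": inet_checksum(icmp) == 0}

def build(typ: int, code: int, rest: int = 0, payload: bytes = b"") -> bytes:
    """Construct a sample ICMP message with a valid checksum (test data)."""
    body = struct.pack("!BBHI", typ, code, 0, rest) + payload
    return struct.pack("!BBHI", typ, code, inet_checksum(body), rest) + payload

if __name__ == "__main__":
    # Constructed samples: fragmentation needed (MTU 1400), redirect, echo.
    for pkt in (build(3, 4, 1400, b"\x45" + bytes(27)), build(5, 1), build(8, 0)):
        print(classify(pkt))
```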






More information about the NANOG mailing list