SecurityFocus

Removing ping/icmp from a network Mar 25 2008 04:29PM
Secure This (lists securethis net) (7 replies)

Re: Removing ping/icmp from a network Mar 26 2008 02:55PM
Jason Thompson (securitux gmail com) (4 replies)

ICMP is not vital for network operation, though it is convenient. PING
isn't required at all, ICMP unreachable messages don't do anything
other than notify the receiver to stop trying to connect to a
destination as it isn't alive (the receiver should get a hint of this
when his SYN's don't get a SYN ACK), ICMP redirects shouldn't happen
if your network is structured properly, and even if it's not, it just
adds an extra hop.

I don't see any ICMP messages that are a MUST for network operation.

That being said, if network monitoring is being done via SNMPv1 or v2
which isn't secure at all, ICMP is the least of your problems. I agree
with a few here that you allow ICMP from trusted to untrusted, but not
vice versa. And definitely NO ICMP from the Internet.

Keep in mind, if you give ICMP the boot on your internal network,
expect a lot more support calls as most users don't consider a device
up and working unless they can ping it.

-J

On Tue, Mar 25, 2008 at 12:29 PM, Secure This <lists (at) securethis (dot) net [email concealed]> wrote:
> I have a variety of clients with data centres who all make use of
> icmp/ping to monitor their servers/appliances/devices (often with poorly
> configured snmp versions 1 and 2).
>
> Could anybody kindly advise me of tools and strategies for minimising or
> removing the use of icmp/ping on a supposedly secure network?
>
> Thanks in advance
>

[ reply ]

Re: Removing ping/icmp from a network Mar 28 2008 05:02AM
Michael Painter (tvhawaii shaka com)

RE: Removing ping/icmp from a network Mar 26 2008 07:29PM
Joachim Thuau (jthuau heavy-iron com)

Re: Removing ping/icmp from a network Mar 26 2008 07:08PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (2 replies)

Re: Removing ping/icmp from a network Mar 27 2008 04:25PM
Jason (securitux gmail com) (2 replies)

Re: Removing ping/icmp from a network Mar 27 2008 11:29PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Mar 28 2008 04:34PM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Mar 29 2008 07:35PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Mar 31 2008 10:29PM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Apr 04 2008 12:28PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (2 replies)

Re: Removing ping/icmp from a network Apr 05 2008 05:17PM
Mark Owen (mr markowen gmail com) (1 replies)

Re: Removing ping/icmp from a network Apr 07 2008 03:27PM
Jason (securitux gmail com)

Re: Removing ping/icmp from a network Apr 05 2008 12:06AM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Apr 06 2008 02:54PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Apr 07 2008 04:53PM
Jason (securitux gmail com)

Re: Removing ping/icmp from a network Mar 27 2008 05:09PM
Mark Owen (mr markowen gmail com) (2 replies)

Re: Removing ping/icmp from a network Mar 27 2008 06:52PM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Mar 27 2008 08:49PM
Michael Painter (tvhawaii shaka com) (2 replies)

RE: Removing ping/icmp from a network Mar 28 2008 12:13AM
Craig Wright (Craig Wright bdo com au)

Re: Removing ping/icmp from a network Mar 27 2008 11:48PM
Razi Shaban (razishaban gmail com) (2 replies)

RE: Removing ping/icmp from a network Mar 28 2008 03:07PM
Adewale, Akin (IT Services - Infosec Team) (Akin Adewale capita co uk)

Re: Removing ping/icmp from a network Mar 28 2008 04:27AM
Michael Painter (tvhawaii shaka com) (2 replies)

RE: Removing ping/icmp from a network Mar 28 2008 04:49PM
Ric Messier (kilroy WasHere COM)

Re: Removing ping/icmp from a network Mar 28 2008 04:44PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Mar 30 2008 01:32AM
Michael Painter (tvhawaii shaka com) (1 replies)

Re: Removing ping/icmp from a network Apr 01 2008 12:13PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

R: Removing ping/icmp from a network Mar 27 2008 06:33PM
Vega - Brunello Ivan (I Brunello vegaspa it)

RE: Removing ping/icmp from a network Mar 26 2008 09:47PM
Craig Wright (Craig Wright bdo com au)

RE: Removing ping/icmp from a network Mar 26 2008 04:24PM
Worrell, Brian (BWorrell isdh IN gov)

RE: Removing ping/icmp from a network Mar 26 2008 12:30AM
Strykar (str hackerzlair org) (2 replies)

RE: Removing ping/icmp from a network Mar 26 2008 11:42PM
Murda Mcloud (murdamcloud bigpond com)

RE: Removing ping/icmp from a network Mar 26 2008 10:50PM
Murda Mcloud (murdamcloud bigpond com)

Re: Removing ping/icmp from a network Mar 25 2008 10:12PM
Ivan . (ivanhec gmail com)

Re: Removing ping/icmp from a network Mar 25 2008 05:53PM
Mark Owen (mr markowen gmail com)

Re: Removing ping/icmp from a network Mar 25 2008 05:32PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

Re: Removing ping/icmp from a network Mar 25 2008 05:17PM
Jon R. Kibler (Jon Kibler aset com) (1 replies)

Re: Removing ping/icmp from a network Mar 26 2008 12:13PM
Secure This (lists securethis net) (1 replies)

DoD aproved disk wiping tool Mar 27 2008 01:31PM
JP Vicente (jvicente asft net) (4 replies)

RE: DoD approved disk wiping tool Mar 27 2008 11:38PM
Steve Armstrong (stevearmstrong logicallysecure com) (1 replies)

Re: DoD approved disk wiping tool Mar 28 2008 04:16PM
Hattrickinc (hattrickinc gmail com)

RE: DoD aproved disk wiping tool Mar 27 2008 07:50PM
Kevin Ortloff (Kevin Ortloff j2global com) (1 replies)

RE: DoD aproved disk wiping tool Mar 27 2008 09:59PM
Arbogast, Paul (Citco) (PArbogast citco com)

Re: DoD aproved disk wiping tool Mar 27 2008 04:56PM
John Syers (jsyers acm org) (1 replies)

Re: DoD aproved disk wiping tool Mar 27 2008 07:20PM
postmaster (postmaster impole com) (1 replies)

Re: DoD aproved disk wiping tool Mar 27 2008 07:18PM
Tremaine Lea (tremaine gmail com)

RE: DoD aproved disk wiping tool Mar 27 2008 03:21PM
Timmothy Lester (Timmothy Lester primeadvisors com)

RE: Removing ping/icmp from a network Mar 25 2008 04:56PM
Hopke, Greg (GHopke libertymgt com) (1 replies)

Re: Removing ping/icmp from a network Mar 25 2008 06:12PM
Mark Owen (mr markowen gmail com) (2 replies)

RE: Removing ping/icmp from a network Mar 26 2008 01:58PM
Ramsdell, Scott (Scott Ramsdell cellnethunt com) (1 replies)

Re: Removing ping/icmp from a network Mar 26 2008 06:44PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

RE: Removing ping/icmp from a network Mar 27 2008 02:19PM
Ramsdell, Scott (Scott Ramsdell cellnethunt com) (1 replies)

Re: Removing ping/icmp from a network Mar 27 2008 02:34PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

Re: Removing ping/icmp from a network Mar 25 2008 08:11PM
Fabio Fagundes (fabio fagundes gmail com)