SecurityFocus

Removing ping/icmp from a network Mar 25 2008 04:29PM
Secure This (lists securethis net) (7 replies)

Re: Removing ping/icmp from a network Mar 26 2008 02:55PM
Jason Thompson (securitux gmail com) (4 replies)

Re: Removing ping/icmp from a network Mar 28 2008 05:02AM
Michael Painter (tvhawaii shaka com)

RE: Removing ping/icmp from a network Mar 26 2008 07:29PM
Joachim Thuau (jthuau heavy-iron com)

Re: Removing ping/icmp from a network Mar 26 2008 07:08PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (2 replies)

Re: Removing ping/icmp from a network Mar 27 2008 04:25PM
Jason (securitux gmail com) (2 replies)

Re: Removing ping/icmp from a network Mar 27 2008 11:29PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Mar 28 2008 04:34PM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Mar 29 2008 07:35PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Mar 31 2008 10:29PM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Apr 04 2008 12:28PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (2 replies)

Re: Removing ping/icmp from a network Apr 05 2008 05:17PM
Mark Owen (mr markowen gmail com) (1 replies)

Re: Removing ping/icmp from a network Apr 07 2008 03:27PM
Jason (securitux gmail com)

Re: Removing ping/icmp from a network Apr 05 2008 12:06AM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Apr 06 2008 02:54PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Apr 07 2008 04:53PM
Jason (securitux gmail com)

Re: Removing ping/icmp from a network Mar 27 2008 05:09PM
Mark Owen (mr markowen gmail com) (2 replies)

Re: Removing ping/icmp from a network Mar 27 2008 06:52PM
Jason (securitux gmail com) (1 replies)

Re: Removing ping/icmp from a network Mar 27 2008 08:49PM
Michael Painter (tvhawaii shaka com) (2 replies)

RE: Removing ping/icmp from a network Mar 28 2008 12:13AM
Craig Wright (Craig Wright bdo com au)

Re: Removing ping/icmp from a network Mar 27 2008 11:48PM
Razi Shaban (razishaban gmail com) (2 replies)

RE: Removing ping/icmp from a network Mar 28 2008 03:07PM
Adewale, Akin (IT Services - Infosec Team) (Akin Adewale capita co uk)

Re: Removing ping/icmp from a network Mar 28 2008 04:27AM
Michael Painter (tvhawaii shaka com) (2 replies)

RE: Removing ping/icmp from a network Mar 28 2008 04:49PM
Ric Messier (kilroy WasHere COM)

Re: Removing ping/icmp from a network Mar 28 2008 04:44PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

Re: Removing ping/icmp from a network Mar 30 2008 01:32AM
Michael Painter (tvhawaii shaka com) (1 replies)

Re: Removing ping/icmp from a network Apr 01 2008 12:13PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

R: Removing ping/icmp from a network Mar 27 2008 06:33PM
Vega - Brunello Ivan (I Brunello vegaspa it)

RE: Removing ping/icmp from a network Mar 26 2008 09:47PM
Craig Wright (Craig Wright bdo com au)

RE: Removing ping/icmp from a network Mar 26 2008 04:24PM
Worrell, Brian (BWorrell isdh IN gov)

RE: Removing ping/icmp from a network Mar 26 2008 12:30AM
Strykar (str hackerzlair org) (2 replies)

RE: Removing ping/icmp from a network Mar 26 2008 11:42PM
Murda Mcloud (murdamcloud bigpond com)

RE: Removing ping/icmp from a network Mar 26 2008 10:50PM
Murda Mcloud (murdamcloud bigpond com)

I think the important thing here is where Strykar says 'supposedly secure'.
What are the risks that you can see on that network? Are there enough risks
to tip it past the 'trusted' point.
Granted, 'trusted' is just a label, and not a metric as such here.
I know the word has a meaning in the 'inside of the perimeter and not the
DMZ' sense but what else does it mean to people?

Scott Ramsdell said:
>>Even on my trusted LAN, I only allow echo request/echo reply.

Which made me wonder, is that a 'trusted' LAN then? Different networks have
different needs and different risks to address.
When does it stop being trusted? Because it's outside a firewall? Behind a
router? Because I don't know the people using the clients on the LAN? What
does everyone else think?
Obviously I don't trust some of my users not to mistakenly or purposefully
access risky websites or services-otherwise I wouldn't have controls in
place to mitigate that. But they are on my 'trusted' LAN.
So trusted seems a fuzzy concept here; a human word for a human situation.

Personally, I'd find it very difficult to do my job without Mike Muss'
awesome little program, ping. So blocking ICMP is not going to happen on the
inside...of my, uh, trusted LAN.
> >-----Original Message-----
> >From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >On Behalf Of Strykar
> >Sent: Wednesday, March 26, 2008 10:30 AM
> >To: security-basics (at) securityfocus (dot) com [email concealed]
> >Subject: RE: Removing ping/icmp from a network
> >
> >You don't discourage ICMP on a network, that's uninformed Jim the farmer
> >cum
> >Sysad talk.
> >
> >
> >- S
> >
> >-----Original Message-----
> >From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >On
> >Behalf Of Secure This
> >Sent: Tuesday, March 25, 2008 10:00 PM
> >To: security-basics (at) securityfocus (dot) com [email concealed]
> >Subject: Removing ping/icmp from a network
> >
> >I have a variety of clients with data centres who all make use of
> >icmp/ping to monitor their servers/appliances/devices (often with poorly
> >configured snmp versions 1 and 2).
> >
> >Could anybody kindly advise me of tools and strategies for minimising or
> >removing the use of icmp/ping on a supposedly secure network?
> >
> >Thanks in advance

[ reply ]

Re: Removing ping/icmp from a network Mar 25 2008 10:12PM
Ivan . (ivanhec gmail com)

Re: Removing ping/icmp from a network Mar 25 2008 05:53PM
Mark Owen (mr markowen gmail com)

Re: Removing ping/icmp from a network Mar 25 2008 05:32PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

Re: Removing ping/icmp from a network Mar 25 2008 05:17PM
Jon R. Kibler (Jon Kibler aset com) (1 replies)

Re: Removing ping/icmp from a network Mar 26 2008 12:13PM
Secure This (lists securethis net) (1 replies)

DoD aproved disk wiping tool Mar 27 2008 01:31PM
JP Vicente (jvicente asft net) (4 replies)

RE: DoD approved disk wiping tool Mar 27 2008 11:38PM
Steve Armstrong (stevearmstrong logicallysecure com) (1 replies)

Re: DoD approved disk wiping tool Mar 28 2008 04:16PM
Hattrickinc (hattrickinc gmail com)

RE: DoD aproved disk wiping tool Mar 27 2008 07:50PM
Kevin Ortloff (Kevin Ortloff j2global com) (1 replies)

RE: DoD aproved disk wiping tool Mar 27 2008 09:59PM
Arbogast, Paul (Citco) (PArbogast citco com)

Re: DoD aproved disk wiping tool Mar 27 2008 04:56PM
John Syers (jsyers acm org) (1 replies)

Re: DoD aproved disk wiping tool Mar 27 2008 07:20PM
postmaster (postmaster impole com) (1 replies)

Re: DoD aproved disk wiping tool Mar 27 2008 07:18PM
Tremaine Lea (tremaine gmail com)

RE: DoD aproved disk wiping tool Mar 27 2008 03:21PM
Timmothy Lester (Timmothy Lester primeadvisors com)

RE: Removing ping/icmp from a network Mar 25 2008 04:56PM
Hopke, Greg (GHopke libertymgt com) (1 replies)

Re: Removing ping/icmp from a network Mar 25 2008 06:12PM
Mark Owen (mr markowen gmail com) (2 replies)

RE: Removing ping/icmp from a network Mar 26 2008 01:58PM
Ramsdell, Scott (Scott Ramsdell cellnethunt com) (1 replies)

Re: Removing ping/icmp from a network Mar 26 2008 06:44PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)

RE: Removing ping/icmp from a network Mar 27 2008 02:19PM
Ramsdell, Scott (Scott Ramsdell cellnethunt com) (1 replies)

Re: Removing ping/icmp from a network Mar 27 2008 02:34PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

Re: Removing ping/icmp from a network Mar 25 2008 08:11PM
Fabio Fagundes (fabio fagundes gmail com)