I thought it was very useful in finding out remote routes... And we
will not even TALK about firewalking!
;-)
Jim
Christian Vogel wrote:
>
> Hi Frederic,
>
> > Although I _could_ agree as far as a firewalls are concerned, I don't
> > when it comes to routers.
> > Blocking/droping any ICMP packet usually turns into a real nightmare
> > when you've to perform troubleshooting on a wide network.
>
> Please don't spread the word that ICMP only is for troubleshooting
> networks. ICMP has it's uses beside "PING", the most important one
> being "Path-MTU-Discovery" which will break when filtering all
> ICMP packets! [1]
>
> There is a really frightening number of clueless admins which misconfigure
> their firewalls this way!
--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
------------------------------------------------------------------------
----
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
will not even TALK about firewalking!
;-)
Jim
Christian Vogel wrote:
>
> Hi Frederic,
>
> > Although I _could_ agree as far as a firewalls are concerned, I don't
> > when it comes to routers.
> > Blocking/droping any ICMP packet usually turns into a real nightmare
> > when you've to perform troubleshooting on a wide network.
>
> Please don't spread the word that ICMP only is for troubleshooting
> networks. ICMP has it's uses beside "PING", the most important one
> being "Path-MTU-Discovery" which will break when filtering all
> ICMP packets! [1]
>
> There is a really frightening number of clueless admins which misconfigure
> their firewalls this way!
--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
------------------------------------------------------------------------
----
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[ reply ]