Network Security: Detailed info on Re: Removing ping/icmp from a network

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Re: Removing ping/icmp from a network

from [Mark Owen] Network Security

[Permanent Link]

Subject:	Re: Removing ping/icmp from a network
Date:	Tue, 25 Mar 2008 14:12:37 -0400

On Tue, Mar 25, 2008 at 12:56 PM, Hopke, Greg <GHopke@libertymgt.com> wrote:

Is ICMP on a LAN insecure?

 I could see lowing it through a firewall or from trusted to non-trusted.

 Greg


Within a trusted LAN, it is completely secure.  As ICMP is handled
directly by the operating system, there have been a few exploits
discovered that can crash a box with a malicious ICMP packet.
However, discovered flaws are not only very old, but have been fixed
on just about every OS.  ICMP is a twenty year old protocol and is
very reliable and helpful.  I wouldn't allow untrust to trust ICMP
outside the firewall, but trust to trust and trust to untrust would be
just fine in most cases.


-- 
Mark Owen

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Removing ping/icmp from a network, Secure This RE: Removing ping/icmp from a network, Hopke, Greg Re: Removing ping/icmp from a network, Mark Owen <= Message not available Re: Removing ping/icmp from a network, Mark Owen Re: Removing ping/icmp from a network, Fabio Fagundes RE: Removing ping/icmp from a network, Ramsdell, Scott Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers RE: Removing ping/icmp from a network, Ramsdell, Scott Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers Re: Removing ping/icmp from a network, Jon R. Kibler Re: Removing ping/icmp from a network, Secure This DoD aproved disk wiping tool, JP Vicente

Previous by Date:	Re: Removing ping/icmp from a network, Mark Owen
Next by Date:	RE: Looking For Security Metrics, jmacaranas
Previous by Thread:	RE: Removing ping/icmp from a network, Hopke, Greg
Next by Thread:	Re: Removing ping/icmp from a network, Mark Owen
Indexes:	[Date] [Thread] [Top] [All Lists]