Network Security: Detailed info on RE: Removing ping/icmp from a network

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

RE: Removing ping/icmp from a network

from [Joachim Thuau] Network Security

[Permanent Link]

Subject:	RE: Removing ping/icmp from a network
Date:	Wed, 26 Mar 2008 12:29:02 -0700

From: Jason Thompson
Subject: Re: Removing ping/icmp from a network


[snip]

I don't see any ICMP messages that are a MUST for network operation.


The one system that I know makes use of ICMP messages is Active
Directory. 
It uses ICMP to establish a number of parameters regarding speed of the
links 
between Clients and Domain controllers. See the note at the following KB

article for some details:
http://support.microsoft.com/kb/227260/

With this in mind, you could setup rules for ICMP traffic to only be
allowed 
to Domain Controllers, which would be sufficient for normal operation of
AD.

Jok

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Removing ping/icmp from a network, (continued) Re: Removing ping/icmp from a network, Razi Shaban Re: Removing ping/icmp from a network, Michael Painter Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers Re: Removing ping/icmp from a network, Michael Painter RE: Removing ping/icmp from a network, Ric Messier RE: Removing ping/icmp from a network, Adewale, Akin (IT Services - Infosec Team) RE: Removing ping/icmp from a network, Craig Wright Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers Re: Removing ping/icmp from a network, Jason Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers RE: Removing ping/icmp from a network, Joachim Thuau <= Re: Removing ping/icmp from a network, Michael Painter RE: Removing ping/icmp from a network, Edward Ling Re: Removing ping/icmp from a network, Jon R. Kibler Re: Removing ping/icmp from a network, Jason Re: Removing ping/icmp from a network, Jim Parkhurst

Previous by Date:	Re: DNSs, MXs and RBLs...., Ansgar -59cobalt- Wiechers
Next by Date:	Re: File sharing with Bittorrent: what possible security threads?, Simon Jolle sjolle
Previous by Thread:	Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers
Next by Thread:	Re: Removing ping/icmp from a network, Michael Painter
Indexes:	[Date] [Thread] [Top] [All Lists]