North American Network Operators Group

Re: ICMP Vulnerability

  • From: Dean Anderson
  • Date: Tue Apr 12 10:38:30 2005

On Tue, 12 Apr 2005, Hannigan, Martin wrote:

> There's been a rumor on the street that an unnamed large router vendor
> is releasing something around this today as well:
> 
> http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en

Is this something new to do with source-quench, or is it the ages-old
source-quench attack?



From: Dean Anderson <[email protected]>
To: Rudi Starcevic <[email protected]>
Cc: [email protected]
Subject: Re: Essential ICMP

No, that would be wildly wrong.

Necessary messages: (never block)
        3 Destination Unreachable 
                (block code 4 and break PATH MTU)
                (other codes are "Nice")

Good Messages: (never harmful)
        11 Time to live Exceeded

Nice messages: (sometimes harmful)
        4 Source Quench  
        8/0 Echo Request/Reply
        12 Parameter Problem
        13/14 Timestamp Request/Reply
        15/16 Information Request/Reply


Dangerous (ought to be blocked, unless you know you need it; 
                in that case tightly restricted)
        5 Redirect


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000
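
The following is an added example, not part of the original message: it sorts raw ICMP messages into the categories from the list above and, for type 3 code 4, reads the next-hop MTU field (RFC 1191) that path MTU discovery relies on. The function names, the "malformed" and "unlisted" labels, and the sample packets are constructed for this illustration.

```python
import struct

# Categories follow the list in the message above; "unlisted" and
# "malformed" are labels added for this example.
NICE_TYPES = {0, 4, 8, 12, 13, 14, 15, 16}

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type, code, rest=b"\x00" * 4, payload=b""):
    """Build a constructed sample ICMP message with a valid checksum."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

def classify(packet: bytes) -> str:
    """Map a raw ICMP message (no IP header) to a category from the list."""
    # The checksum over a valid message, its own checksum field included, is zero.
    if len(packet) < 8 or inet_checksum(packet) != 0:
        return "malformed"
    icmp_type, code = packet[0], packet[1]
    if icmp_type == 3:
        # Code 4 (fragmentation needed) carries path MTU discovery.
        return "necessary" if code == 4 else "nice"
    if icmp_type == 11:
        return "good"
    if icmp_type == 5:
        return "dangerous"
    return "nice" if icmp_type in NICE_TYPES else "unlisted"

def next_hop_mtu(packet: bytes):
    """Return the RFC 1191 next-hop MTU from a type 3 code 4 message."""
    if classify(packet) != "necessary":
        return None
    return struct.unpack("!H", packet[6:8])[0]

if __name__ == "__main__":
    frag_needed = build_icmp(3, 4, struct.pack("!HH", 0, 1400))
    for pkt in (frag_needed, build_icmp(5, 1), build_icmp(8, 0, payload=b"ping")):
        print(pkt[0], pkt[1], classify(pkt), next_hop_mtu(pkt))
```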