Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 2000-q1

NFR Wizards Archives: Blocking ICMP with ipchains

Blocking ICMP with ipchains

Subject: Blocking ICMP with ipchains
From: wwebbadni.net
Date: Tue Jan 11 2000 - 18:18:59 CST

Next message: Mark Coleman: "Re: Desperatly seeking answer."
Previous message: Shaun Moran: "RE: Tools to correlate attacks b/w diff. logs"
Next in thread: Mikael Olsson: "Re: Blocking ICMP with ipchains"
Reply: Mikael Olsson: "Re: Blocking ICMP with ipchains"
Reply: peter.schawackerciticorp.com: "RE: Blocking ICMP with ipchains"
Reply: Carric Dooley: "Re: Blocking ICMP with ipchains"
Reply: Steven M. Bellovin: "Re: Blocking ICMP with ipchains"
Reply: Ryan Russell: "RE: Blocking ICMP with ipchains"
Reply: Richard.Smythnokia.com: "RE: Blocking ICMP with ipchains"
Reply: Staggs, Michael: "RE: Blocking ICMP with ipchains"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've heard that it is not wise to block all ICMP operations. Such
being the case, which of these ICMP operations are safe to block
without causing serious problems:

echo-reply (pong)
destination-unreachable
   network-unreachable
   host-unreachable
   protocol-unreachable
   port-unreachable
   fragmentation-needed
   source-route-failed
   network-unknown
   host-unknown
   network-prohibited
   host-prohibited
   TOS-network-unreachable
   TOS-host-unreachable
   communication-prohibited
   host-precedence-violation
   precedence-cutoff
source-quench
redirect
   network-redirect
   host-redirect
   TOS-network-redirect
   TOS-host-redirect
echo-request (ping)
router-advertisement
router-solicitation
time-exceeded (ttl-exceeded)
   ttl-zero-during-transit
   ttl-zero-during-reassembly
parameter-problem
   ip-header-bad
   required-option-missing
timestamp-request
timestamp-reply
address-mask-request
address-mask-reply

Thanks for any assistance.

Next message: Mark Coleman: "Re: Desperatly seeking answer."
Previous message: Shaun Moran: "RE: Tools to correlate attacks b/w diff. logs"
Next in thread: Mikael Olsson: "Re: Blocking ICMP with ipchains"
Reply: Mikael Olsson: "Re: Blocking ICMP with ipchains"
Reply: peter.schawackerciticorp.com: "RE: Blocking ICMP with ipchains"
Reply: Carric Dooley: "Re: Blocking ICMP with ipchains"
Reply: Steven M. Bellovin: "Re: Blocking ICMP with ipchains"
Reply: Ryan Russell: "RE: Blocking ICMP with ipchains"
Reply: Richard.Smythnokia.com: "RE: Blocking ICMP with ipchains"
Reply: Staggs, Michael: "RE: Blocking ICMP with ipchains"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b27 : Fri Jan 14 2000 - 04:09:23 CST