From: Paul Robichaux (paulROBICHAUX.NET)
Date: Wed Oct 01 2003 - 09:13:21 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Block ICMP packets with length 92 and you're golden. Blocking all ICMP
causes other problems, as you note; it's equivalent to blocking all, say,
TCP trafffic in that it improves your security while degrading your
functionality.

> From: Information Security <InformationSecurityFEDERATEDINV.COM>
> Reply-To: Windows NTBugtraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
> Date: Tue, 30 Sep 2003 11:00:54 -0400
> To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
> Subject: ICMP Ping and Group Policy Update
>
> In response to Nachi, we blocked ICMP Pings to & from our VPN. However,
> it appears that this also has disabled group policy updates for remote
> VPN users. We ran network traces and saw the ICMP packets, I think
> they're part of the negotiation phase where the server tries to
> determine if the client is on a slow link.
>
> I suspect a lot of networks cranked down on ICMP after Nachi. Can
> anyone else confirm this behavior? Does anyone have a workaround or
> configuration setting to override/bypass this feature?
>
> Thanks!
>
> ----
> Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
>
> With a growth rate exceeding 110%, the TICSA security practitioner
> certification is one of the hottest IT credentials available. And now, for
> a limited time, you can save 33% off of the TICSA certification exam! To
> learn more about the TICSA certification, and to register as a TICSA
> candidate online, just go to
>
> http://www.trusecure.com/offer/s0100/
>
> ----
>

-----
Wondering as to whether the list is running? The NTBugtraq archives are
updated first before messages are emailed to subscribers. Check the
archives first to see if you have missed any messages;

http://www.ntbugtraq.com/archives

-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]