[LINK] DNS outage?
kim at holburn.net
Wed Jul 29 17:43:33 AEST 2009
On 2009/Jul/29, at 1:40 AM, Rick Welykochy wrote:
> Stilgherrian wrote:
>> No, it just means ping is bocked. Traceroute uses ping. Pings don't
>> always get allowed through any more.
> More accurately, traceroute, ping and a host of other network
> tools use ICMP packets. And it is often a subset of ICMP that is
ping uses ICMP. Traceroute can use a number of things but the default
You can always use lft (layer four traceroute). It can't be blocked
in the same way.
>> block such attempts to do reconnaissance like that, for security
>> reasons, as someone said earlier.
Often ping is allowed for public servers.
> I suppose that host discovery is one of those concerns. Other linkers
> may be able to point to other security concerns and the reason that
> ICMP is being blocked. I certainly would like to know if this is
> over cautious. Sometimes I think this is the case.
> Have there been any exploits or attacks based on ICMP, for example?
DDoS, ping of death?
> Rick Welykochy || Praxis Services
> Age is an issue of mind over matter. If you don't mind, it doesn't
> -- Mark Twain
> Link mailing list
> Link at mailman.anu.edu.au
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link