Great Circle Associates Firewalls
(April 1998)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Questions about ICMP
From: "Gregory D. Otto" <gdo @ newf . com>
Date: Wed, 08 Apr 1998 07:34:39 -0500
To: Smoot Carl-Mitchell <smoot @ tic . com>, firewalls @ GreatCircle . COM
In-reply-to: <199804080416 . XAA02676 @ casa-pc . tic . com>
References: <Your message of "Tue, 07 Apr 1998 17:28:15 PDT." <199804080028 . RAA21081 @ yginsburg . el . nec . com>

Or in the case of Microsoft it is ICMP messages!!!

Greg

At 11:16 PM 4/7/98 -0500, Smoot Carl-Mitchell wrote:
>>Maybe I'm just stupid today, but isn't traceroute just a series of ICMP
packet
>>s
>>with a specific Time-To-Live set in stages?  And if ICMP packets are
allowed, 
>>how do you block the "traceroute" program?
>
>Traceroute uses UDP packets to a high port number with the TTL incremented by
>one for each packet sent.  It listens for the ICMP Time Expired packets
>returning.  That is where it derives the IP addresses of each hop.
>
>
>Smoot Carl-Mitchell
>Texas Internet Consulting
>1106 Clayton Lane, Suite 500W
>Austin, TX 78723
>
>+1 512 451-6176
>

=====================================================================
| Greg Otto                            e-mail:  gdo @
 newf .
 com        |
| Network Engineer                     voice:   (713) 718-1358      |
| New Frontier Consulting, Inc.        fax:     (713) 718-1359      |
| Houston, Texas                       www:     http://www.newf.com |
=====================================================================


References:
Indexed By Date Previous: Re: Livingston's IRX211 firewall router
From: fauquet @ matranet . com (Xavier Fauquet)
Next: RE: socks versus fw-1 stateful inspection vulnerabilities
From: Jeff Kalwerisky <jeffk @ secure-it . net>
Indexed By Thread Previous: Re: Questions about ICMP
From: Smoot Carl-Mitchell <smoot @ tic . com>
Next: Re: Questions about ICMP
From: Jean-Christophe Touvet <jct @ EdelWeb . fr>

Google
 
Search Internet Search www.greatcircle.com