Re: TCP/IP vulnerability

From: Ullrich von Bassewitz (uz_at_musoftware.de)
Date: 2005-04-18 12:30:41

On Mon, Apr 18, 2005 at 11:18:03AM +0200, Spiro Trikaliotis wrote:
> Unfortunately, many firewalls ban ICMP completely, and this is totally
> bs. Some ICMP packages are fundamental for the working of the IP
> protocol.

They're not really fundamental, because IP works without them if designed
correctly. They're fundamental for newer features, but for example the
original TCP spec didn't use any ICMP messages at all. Since ICMP messages
aren't reliable (they can get lost), it is obvious that the IP protocol itself
must be able to work without them. Of course it works better if ICMP is
available and works, but that's not what I would call "fundamental".

The problem is that ICMP messages can easily be spoofed. Maybe it wasn't a
good idea at all to rely on something fragile for important things.

Regards


        Uz


-- 
Ullrich von Bassewitz                                  uz@musoftware.de

       Message was sent through the cbm-hackers mailing list
