I'm currently blocking both incoming/outgoing ICMP packets from our network.
I have a net admin who wants pinging and traceroute packet enabled going
out. But I'm kind of hesitant at this point because the security issues.
I've read in a book some where that ICMP packets can be exploited by an
attacker to smuggle data through a site who's firewall ONLY allows outbound
echo request by sending echo responses even when they haven't seen a
request. It is a way for the attacker to maintain connections to a
compromised site.
What's your opinion on this ?
Thanks.
Jaime
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
