idea to restrict inbound ICMP echo-request to your
site, to minimize the risk of attack. Now, HPing is a tool that can do a
lot more than a normal ICMP ping, it can do a TCP (with any arbitrary
flags set) ping to any port on a target server. It also has a capability
to spoof source address, set TTL
Thanks a lot to everyone who responded, it's been a great help.
In conclusion, unless these guys can provide some proof that the web server
can actually be compromised via HTTP Port 80 using HPing, I'll be of the
opinion that it may just be another way to try and sell us more services.
So, what computer do you blame for not following the
supplied link to http://www.hping.org to learn what HPing
does?
"hping is a command-line oriented TCP/IP packet assembler/analyzer.
The interface is inspired to the ping(8) unix command, but hping
isn't only able to send ICMP ech
> We received a notification today, from a company that checks our network for
> vulnerabilities, that the web servers we host are vulnerable to HPing
> (http://www.hping.org/). The company stated that using this tool it is
> possible to ping the box via port 80 and thus open to se
Any company that does these sorts of tests should include recommendations
within the report they produce.
The last time I used hping was to do what's called an idle host ping.
It requires your host to be idle!
To block the pings stop ICMP type traffic, fragmented packets should be
stopped
HPing is a network penetration testing program, it can't be used to launch
a service denial attack (unless he opens multiple connections from 1 PC to
your webserver. You can protect yourself by blocking his IP at your
firewall). Seems like a shady co
To err is human -- to blame the computer is even more so.
On Wed, 2 Jul 2003, Chad wrote:
> We received a notification today, from a company that checks our network for
> vulnerabilities, that the web servers we host are vulnerable to HPing
> (http://www.hping.org/). The compa
> We received a notification today, from a company that checks our network for
> vulnerabilities, that the web servers we host are vulnerable to HPing
> (http://www.hping.org/). The company stated that using this tool it is
> possible to ping the box via port 80 and thus open to se
Well, being able to get hping through a firewall to web servers on TCP port 80 does
not in itself indicate any kind of potential security flaw. Really, port 80 must be
open on the firewall to get non-malicious traffic to the web server(s). Without
having the details of their report I would
We received a notification today, from a company that checks our network for
vulnerabilities, that the web servers we host are vulnerable to HPing
(http://www.hping.org/). The company stated that using this tool it is
possible to ping the box via port 80 and thus open to service denial
attacks
10 matches