Re: port scanners/ICMP port unreachable

Oliver Friedrichs (iceman@MBnet.MB.CA)
Tue, 28 Mar 1995 14:37:10 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian Utterback: "Re: port scanners/ICMP port unreachable"
Previous message: Oliver Friedrichs: "Re: port scanners/ICMP port unreachable"
In reply to: Paul Ferguson: "Re: port scanners/ICMP port unreachable"
Next in thread: Paul Ferguson: "Re: port scanners/ICMP port unreachable"

On Mon, 27 Mar 1995, Paul Ferguson wrote:

> Why not simply use a 'sane' implementation of ICMP class filtering,
> such as offered in cisco IOS 10.3, to simply block specific classes
> of ICMP traffic?

I don't think you understand what he meant.  He means detecting someone 
scanning your host.  Say with strobe/iss/satan/tcp_probe etc..  look for 
ICMP port unreachable packets leaving your host.

- Oliver

Next message: Brian Utterback: "Re: port scanners/ICMP port unreachable"
Previous message: Oliver Friedrichs: "Re: port scanners/ICMP port unreachable"
In reply to: Paul Ferguson: "Re: port scanners/ICMP port unreachable"
Next in thread: Paul Ferguson: "Re: port scanners/ICMP port unreachable"