Answer the question
In order to leave comments, you need to log in
V
V
Vlad Kravets2017-01-03 12:36:43
Vlad Kravets, 2017-01-03 12:36:43
An open port for the ICMP protocol, what problems can be caused by it?
An open port for the ICMP protocol, what problems can be caused by it?
2 answer(s)
@rexido
The volume of the answer, with possible variations of everything that can happen with the careless use of ICMP, is unlikely to be described by anyone here. An entire book could be devoted to this. If you do not know how to configure it correctly, it is better to disable it completely.
PS Quite a lot of things can happen, and it all depends on a very large number of parameters. In order to specify what can happen in your particular case, you need to either:
a) Study your network and its parameters
b) Try all the variants of known attacks in which the ICMP protocol is somehow present (and then, in fact, we will understand that may happen)
c) Wait until someone completely or partially executes the previous option (B), collect the received data and fix the result (maybe this will never happen)
PPS If you need ICMP only to check ping, I recommend setting up a firewall so it would only pass ping requests/responses. These are packets with type 0 and 8. Further, already resp. It all depends on you and your specific needs...
E
Eugene Wolf, 2017-01-03 @rexido
Open port for ICMP protocolI don't recall ICMP having any port at all. This is a service protocol and there are no port number fields in the ICMP packet.
The volume of the answer, with possible variations of everything that can happen with the careless use of ICMP, is unlikely to be described by anyone here. An entire book could be devoted to this. If you do not know how to configure it correctly, it is better to disable it completely.
PS Quite a lot of things can happen, and it all depends on a very large number of parameters. In order to specify what can happen in your particular case, you need to either:
a) Study your network and its parameters
b) Try all the variants of known attacks in which the ICMP protocol is somehow present (and then, in fact, we will understand that may happen)
c) Wait until someone completely or partially executes the previous option (B), collect the received data and fix the result (maybe this will never happen)
PPS If you need ICMP only to check ping, I recommend setting up a firewall so it would only pass ping requests/responses. These are packets with type 0 and 8. Further, already resp. It all depends on you and your specific needs...
Similar questions
T
Talyan2020-12-11 20:49:59
Why are ICMP requests going through to my computer despite iptables?
1Reply
T
M
A
F
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question