The Internet Control Message Protocol (ICMP) is simple, as Internet protocols go. Originally described in RFC 792 by Jon Postel, ICMP provides a way for IP stacks to send simple messages containing information or errors. ICMP is important for the Internet . . .
The Internet Control Message Protocol (ICMP) is simple, as Internet protocols go. Originally described in RFC 792 by Jon Postel, ICMP provides a way for IP stacks to send simple messages containing information or errors. ICMP is important for the Internet (and IP networks) to function correctly; however, ICMP can also have a negative effect on your network's security.

For instance, ICMP has been used for scanning, Denial of Service (DoS) attacks, and tunneling (see "Distributed Denial of Service Attacks," March 2000, and "Firewall Vulnerabilities," August 1999,). A recent research paper by Israeli security consultant Ofir Arkin draws attention to some of the more arcane ways that ICMP can be employed in scanning networks (see Resources). At the end of his paper, Arkin suggests permitting only one of the 52 ICMP types and codes through a firewall, and that one only inbound.

The link for this article located at Network Magazine is no longer available.