ICMP Stands For Trouble
For instance, ICMP has been used for scanning, Denial of Service (DoS) attacks, and tunneling (see "Distributed Denial of Service Attacks," March 2000, and "Firewall Vulnerabilities," August 1999,). A recent research paper by Israeli security consultant Ofir Arkin draws attention to some of the more arcane ways that ICMP can be employed in scanning networks (see Resources). At the end of his paper, Arkin suggests permitting only one of the 52 ICMP types and codes through a firewall, and that one only inbound.
The link for this article located at Network Magazine is no longer available.