Questions tagged [icmp]

Abbreviation of Internet Control Message Protocol. The protocol allows for the return propagation of error messages related to IP packets. ICMP is critical to basic network tools like ping and traceroute.

43 questions
1
vote
1 answer

Security auditing - disabling IP forwarding and ICMP packets redirects

I've recently started working as a security auditor and my mentor gave me some homework to write an Ubuntu security audit script so that I'll get to learn to use batch scripting and understand auditing in depth. I got to the part of ICMP packets…
user184816
1
vote
0 answers

Spoofing an IP/MAC address to avoid ICMP Destination Unreachable being sent back

As far as I understand UDP flooding the idea is to send UDP packets across all ports from e.g. Alice to Bob, and get Bob's machine to check who listens to certain ports and generate many ICMP destination unreachable packets to be sent back (+ Bob's…
chao
1
vote
2 answers

Risks of pinging/resolving malicious sites?

If I do ping malicioussite.com or nslookup malicioussite.com, is there any risk for me? Will the people behind the malicious site know I'm looking them up? I'd like to make a program to use an IP address to find the domain and vice versa.
qnxyy
0
votes
1 answer

localhost to localhost ICMP traffic that is suspicious.. any idea of what is creating this?

I keep seeing this on my tcpdump output. It is probably something very simple and logical, but I can't seem to see any process with lsof or netstat doing an ICMP request to its own 127.0.0.1 every 2-3 secs... Does anyone have any idea of what is creating this?…
cfernandezlinux
0
votes
1 answer

For what is an ICMP tunnel useful and how does it work?

For what is it useful? I (client) send an echo-request (with http data) to the proxy server. Then the proxy has to send me the echo-reply. But my question now is: 2.1 The proxy first needs to send my data to the webserver, the webserver needs to…
Joey
0
votes
1 answer

Wireshark Gratuitous ARP

I'm playing around with scapy and wireshark and I have sent a packet to a destination that does not exist (10.0.2.14). Wireshark shows an ARP attempt to resolve the address, but as it's not there the ICMP packet is sent to 10.0.2.14 anyway (what happens…
bigl
0
votes
1 answer

Honeyd not responding to TCP

I'm having some issues getting Honeyd to work properly on an external network interface on Ubuntu 20 LTS running on a Proxmox server. I'm fairly sure it's a configuration/setup problem on the VM I'm running it on, as the config file works okay when…
DavidM
0
votes
0 answers

What security benefit is there in 2020 to block outbound Ping

I've researched this and found the following on StackExchange and ServerFault, but they're very old. https://serverfault.com/questions/55889/why-block-outbound-icmp Is it a bad idea for a firewall to block ICMP? Security risk of PING? So, as of now…
SKidd
0
votes
1 answer

Monitor mode not sniffing from other devices on the same network

I'm currently running an 802.11n adapter in monitor mode on a Kali Linux PC. Monitor mode was enabled using airmon-ng. On the same network as the Kali Linux PC are 2 Raspberry Pi devices. Pinging from a Raspberry Pi device to the PC shows ICMP…
0
votes
1 answer

Differentiate normal flow and broadcast attacks

How do you identify whether broadcast traffic is normal or is considered an attack such as a DoS attack? Is there some information in the plot or the source that allows me to differentiate between an attack and a normal flow?
fran.sand66
0
votes
1 answer

Smurf Attack confusion

I have a question regarding the Smurf Attack described in the following CISCO article: http://www.cisco.com/c/en/us/about/security-center/guide-ddos-defense.html#9 In a smurf attack, an attacker broadcasts a large number of ICMP packets with the…
cyzczy
0
votes
0 answers

script for analysis of tcpdump log file

I'm trying to get the following metrics from my tcpdump log file: (1) one-way delay, (2) request/response delay, (3) packet loss, (4) overall transaction duration and (5) delay variation (jitter). For clarification: transaction duration refers to…
MSB
-1
votes
2 answers

Is there any reason that captive portal server can't block the ICMP echo request/reply packet

We can get connected to those public WiFi hotspots without the account but can access no website but the login page. As I tested, all those login websites would respond to my ping even though I was an unauthorized user. I wonder if there are some any…