At 10:06 25/09/2006, Ian Mason wrote:
One of the largest North American network providers filters/drops
ICMP messages so that they only pass those with a source IP
address that appears in their routing table.
This is clearly reasonable as part of an effort to mitigate ICMP
based network abuse.
As a matter of fact, most ICMP-based attacks don't require spoofing
of the source IP address. You do have to spoof the addresses in the
"original datagram" included in the ICMP payload, though.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
