You are here: silicon.com > Resources > White Papers > Networking and Communications > Network Technologies > TCP - IP

TCP - IP White Papers

ICMP Usage in Scanning: the Complete Know-How

Overview The ICMP Protocol may seem harmless at first glance. Its goals and features were outlined in RFC 792 (and than later cleared in RFCs 1122, 1256, 1349, 1812), as a way to provide a means to send error messages for non-transient error conditions, and to provide a way to probe the network in order to determine general characteristics about the network. In terms of security, ICMP is one of the most controversial protocols in the TCP/IP protocol suite. The risks involved in implementing the ICMP protocol in a network, regarding scanning, are the subject of this research paper.

Scanning will usually be the major stage of an information gathering process a malicious computer attacker will launch against a targeted network. With this stage the malicious computer attacker will try to determine what are the characteristics of the targeted network. He will use several techniques, such as host detection, service detection, network topology mapping, and operating system fingerprinting. The data collected will be used to identify those Hosts (if any) that are running a network service, which may have a known vulnerability. This vulnerability may allow the malicious computer attacker to execute a remote exploit in order to gain unauthorized access to those systems. This unauthorized access may become his focal point to the whole targeted network.

Further White Paper Details
Publisher	Sys-Security.com	File Format	PDF, requires Acrobat Rdr 5
Date Published	June 2001	Downloads	16
Format	White Papers
Topics	TCP - IP, Telecom Security, Anti-Hacking

Did you find this white paper useful?

Anthony & Sylvan Pools Takes the Plunge with VoIP

Publisher:
Shoretel

A Taxonomy of the Linux Network Stack

Publisher:
Oracle

Tags:
tcp - ip

Linux Journal: The Hosting Service Provider for Superior IP Performance

Publisher:
Verio

Tags:
tcp - ip

Sprint IPVoice Connect Fact Sheet

Publisher:
Sprint

Design, Implementation and Evaluation of a QoS-Aware Transport Protocol

Publisher:
University of New South Wales

Tags:
quality of service

Trio of Windows flaws opens door to nasties

To exploit the flaws, an attacker could craft a malicious image and trick a Windows user to look at it on a malicious website or in an HTML email, for example, according to Microsoft. We're not bracing for any major worm or malware outbreak but we...

Microsoft beefs up Vista's buffer

He added: "An attacker has a one in 256 chance of getting the address right. A buffer overrun exploit is malicious code that seeks to exploit a common error in computer code called a buffer overrun or buffer overflow.

File-pinching security hole punctures Firefox and IE

A Microsoft representative said in an emailed statement: "This vulnerability does not allow a malicious attacker to execute code against a user's machine but rather requires significant user interaction that could result in information disclosure.

Cyber attack targets unpatched Excel flaw

A malicious Excel document is sent as an email attachment or otherwise delivered by the attacker to the intended victim, Microsoft said in a posting to its Security Response Center blog. The software maker said it has added detection capabilities...

Channel:
Malware
Tags:
excel,
flaw,
patch,
microsoft

Get your fix: Microsoft sinks 18 holes

However, an attacker has to be on the same sub-network as the intended target, Microsoft said in bulletin MS06-036. An attacker could upload a malformed ASP file and commandeer the server. The other, MS06-033, could allow an attacker to view the...

VoIP threats to watch out for

Examples of hacks for SIP include registration hijacking, which allows a hacker to intercept incoming calls and reroute them; message tampering, which allows a hacker to modify data packets travelling between SIP addresses; and session tear-down...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

TCP - IP White Papers

ICMP Usage in Scanning: the Complete Know-How

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific