Date: Sun, 13 Jun 1999 22:51:00 +0200 From: sthaug@nethelp.no To: dgilbert@velocet.ca Cc: jdn@acp.qiv.com, secure@r0ck.com, security@FreeBSD.ORG Subject: Re: Fwd: [linux-security] Re: Port 7 scan Message-ID: <27918.929307060@verdi.nethelp.no> In-Reply-To: Your message of "Sun, 13 Jun 1999 16:28:52 -0400 (EDT)" References: <14180.5252.211630.750974@trooper.velocet.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
> Jay> Since echo is Unixcentric and most new admins leave echo open, > Jay> echo will reveal far more about a machine than a ping. Could it > Jay> be that this is the intent? > > Actually, this is probably caused by a desire to subvert an > 'optimization' made at major routers on the net. In general, most > busy routers 'de-prioritize' ping traffic. This is true for Cisco routers *if* the ICMPs are for the router itself (one of its interfaces). As long as the ICMPs are not for the router itself, it is just like any other traffic, and is not 'de-prioritized' in any way. > This is largely due to the > face that the worse the network gets, the higher the amount of ping > traffic (coming from people who wonder why it's slow). So the latency > from a ping connection isn't as accurate as trying to open a tcp > connection. It's probably at least as accurate if you're trying to ping the hosts and not just the routers along the way. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?27918.929307060>