Vulnerability
BlackICE
Affected
BlackICE
Description
BlackICE is the popular home IDS/firewall product by NetworkICE -
it cannot be configured to block ICMP. This is in contrast to
TCP and UDP traffic that is governed by rules in the firewall.ini
file.
Note - Configuring it to block a specific IP will block ICMP
traffic as well.
Solution
You cannot block all ICMP traffic. Ping is only one type of
service sent over ICMP. A list of the services supported by ICMP
are:
Echo Reply (Ping)
Destination Unreachable
Source Quench
Redirect (change a route)
Echo Request (Ping)
Time Exceeded for a Datagram
Parameter Problem on a Datagram
Timestamp Request
Timestamp Reply
Information Request
Information Reply
Address Mask Request
Address Mask ReplyYou cannot block all
ICMP traffic. Ping is only one type of service sent over ICMP.
A list of the services supported by ICMP are:
Echo Reply (Ping)
Destination Unreachable
Source Quench
Redirect (change a route)
Echo Request (Ping)
Time Exceeded for a Datagram
Parameter Problem on a Datagram
Timestamp Request
Timestamp Reply
Information Request
Information Reply
Address Mask Request
Address Mask Reply
BlackICE Agent ver2.5 will have the capability that you are
looking for. Expected release is Q42000. BlackICE Agent is part
of the Enterprise ICEpac Suite.
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
