If I follow what you are saying here, the concern is the returning ICMP
host unreachables may be used as part of a DoS. Is this correct?
Yes, you are following me there.
If so, the concern is pretty minimal. Packet size is small, only 56
bytes in size, so bandwidth utilization is small. Unsolicited ICMP
errors are going to be quickly discarded by the receiving system, so its
not going to cause much of a CPU hit on the target. Unfortunately there
are far too many other ways of performing a DoS that would be much more
effective and efficient.
*nod* I'm not saying that it's one of the most efficient ways to DDoS someone, but I am saying that it is a way and some institutions politically decide that they would rather DROP packets than possibly participate in a DDoS against someone else.
Ya, geek stuff is cool. :D
It has gotten me in to trouble too. I tend to spend too much time working on geek stuff. Oh, well I had fun doing it.
Grant. . . .
