CAPEC-329: ICMP Error Message Quoting Probe

攻击模式描述

An adversary uses a technique to generate an ICMP Error message (Port Unreachable, Destination Unreachable, Redirect, Source Quench, Time Exceeded, Parameter Problem) from a target and then analyze the amount of data returned or "Quoted" from the originating request that generated the ICMP error message.

前提条件

• The ability to monitor and interact with network communications.Access to at least one host, and the privileges to interface with the network interface card.

所需资源

• A tool capable of sending/receiving UDP datagram packets from a remote system to a closed port and receive an ICMP Error Message Type 3, "Port Unreachable..

后果影响