https://community.cisco.com/t5/network-security/icmp-inspection/m-p/3062417#M145210 <P>How can I allow outbound ICMP but prevent a remote shell exploit such as this:</P> <P><A href="http://resources.infosecinstitute.com/icmp-reverse-shell/#gref" target="_blank">http://resources.infosecinstitute.com/icmp-reverse-shell/#gref</A></P> <P></P> Tue, 12 Mar 2019 09:10:09 GMT George D 2019-03-12T09:10:09Z https://community.cisco.com/t5/network-security/icmp-inspection/m-p/3062417#M145210 <P>How can I allow outbound ICMP but prevent a remote shell exploit such as this:</P> <P><A href="http://resources.infosecinstitute.com/icmp-reverse-shell/#gref" target="_blank">http://resources.infosecinstitute.com/icmp-reverse-shell/#gref</A></P> <P></P> Tue, 12 Mar 2019 09:10:09 GMT https://community.cisco.com/t5/network-security/icmp-inspection/m-p/3062417#M145210 George D 2019-03-12T09:10:09Z https://community.cisco.com/t5/network-security/icmp-inspection/m-p/3062418#M145217 <P>hi,</P> <P>you can configure ICMP inspection under global policy map.</P> <P>this will let the ASA create a state table and remember who's making ping request from the 'inside' or trusted interface.</P> <P><EM>policy-map global_policy</EM><BR /><EM>&nbsp;class inspection_default</EM><BR /><EM>&nbsp; inspect icmp </EM><BR /><EM>&nbsp; inspect icmp error </EM></P> Tue, 04 Apr 2017 07:21:06 GMT https://community.cisco.com/t5/network-security/icmp-inspection/m-p/3062418#M145217 johnlloyd_13 2017-04-04T07:21:06Z