hi, - Cisco Community

463

Views

0

Helpful

1

Replies

How can I allow outbound ICMP but prevent a remote shell exploit such as this:

http://resources.infosecinstitute.com/icmp-reverse-shell/#gref

1 Reply 1

hi,

you can configure ICMP inspection under global policy map.

this will let the ASA create a state table and remember who's making ping request from the 'inside' or trusted interface.

policy-map global_policy
class inspection_default
inspect icmp
inspect icmp error

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card