Technical Details
ICMP tunneling works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back. The client performs all communication using ICMP echo request packets, while the proxy uses echo reply packets.
In theory, it is possible to have the proxy use echo request packets (which makes implementation much easier), but these packets are not necessarily forwarded to the client, as the client could be behind a translated address (NAT). This bidirectional data flow can be abstracted with an ordinary serial line.
This vulnerability exists because RFC 792, which is IETF's rules governing ICMP packets, allows for an arbitrary data length for any type 0 (echo reply) or 8 (echo message) ICMP packets.
Read more about this topic: ICMP Tunnel
Famous quotes containing the words technical and/or details:
“I rather think the cinema will die. Look at the energy being exerted to revive it—yesterday it was color, today three dimensions. I don’t give it forty years more. Witness the decline of conversation. Only the Irish have remained incomparable conversationalists, maybe because technical progress has passed them by.”
—Orson Welles (1915–1984)
“Then he told the news media
the strange details of his death
and they hammered him up in the marketplace
and sold him and sold him and sold him.
My death the same.”
—Anne Sexton (1928–1974)