Implementación de medidas que mitiguen las vulnerabilidades basadas en icmp en una infraestructura de red de computadoras.

Abstract

ICMP, internet message control protocol, is used to notify errors in the processing of IP packets. However, it is one of the most used protocols by hackers for the recognition of machines in a network, exposing vulnerabilities that could be exploited by attacks such as: Recognition and ICMP scanning, Denial of Distributed Services and ICMP Tunnel. These attacks take advantage of the lack of security when sending ICMP packets through TCP / IP protocols being modified or altered by intruders, affecting the computer network infrastructure. To establish controls that reduce the impact of these attacks, a virtual scenario was implemented and using the Firewalk, Hping3 and Hans tools it was possible to simulate these attacks, which due to their exploration allowed to mitigate the ICMP protocol vulnerabilities. The virtual scenario was designed under the GNS3 tool that allowed to simulate the network connections and VMware for the virtualization of several hosts that intervened. The solution is based on the exhaustive search of controls that increase both security at the level of hosts and at the Router level, in the first attacks a control was established in the router creating Access Control Lists (ACL) and in the third attack with firewall rules and password encryption, which reduces the vulnerabilities that could occur when sending ICMP packets in a real environment.