Check your Google Cloud VPC network firewall rules for ingress rules that allow unrestricted access (i.e. a source range of 0.0.0.0/0) to any hosts using ICMP, and restrict ICMP-based access to trusted IP addresses/IP ranges only, in order to implement the principle of least privilege (POLP) and reduce the attack surface. Internet Control Message Protocol (ICMP) is an error-reporting protocol that is typically used to troubleshoot TCP/IP networks by generating error messages for any issues with delivering IP packets. Although ICMP is not a transport protocol, it can still be used to exploit network vulnerabilities.
Allowing unrestricted inbound/ingress ICMP access through VPC network firewall rules increases the opportunity for malicious activity such as Denial-of-Service (DoS), Smurf and Fraggle attacks.
To determine if your Google Cloud VPC firewall rules allow unrestricted ICMP access, perform the following operations:
Remediation / Resolution
To update your VPC network firewall rules configuration in order to restrict Internet Control Message Protocol (ICMP) access to trusted, authorized IP addresses or IP ranges only, perform the following operations:
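The following added example (not part of this Conformity rule page) shows the audit logic in Python over a constructed sample modelled on the JSON that `gcloud compute firewall-rules list --format=json` returns, flagging enabled INGRESS rules that allow ICMP (or all protocols) from 0.0.0.0/0 or ::/0, and building the `gcloud compute firewall-rules update --source-ranges` command that narrows a flagged rule to trusted ranges. The sample rule names and the 203.0.113.0/24 trusted range are constructed values.

```python
import json

# Constructed sample: shape follows the Compute Engine firewall resource
# as printed by `gcloud compute firewall-rules list --format=json`.
SAMPLE_RULES_JSON = """
[
  {"name": "allow-icmp-anywhere", "direction": "INGRESS", "disabled": false,
   "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "icmp"}]},
  {"name": "allow-icmp-office", "direction": "INGRESS", "disabled": false,
   "sourceRanges": ["203.0.113.0/24"], "allowed": [{"IPProtocol": "icmp"}]},
  {"name": "allow-all-anywhere", "direction": "INGRESS", "disabled": false,
   "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "all"}]},
  {"name": "allow-ssh-anywhere", "direction": "INGRESS", "disabled": false,
   "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
  {"name": "egress-icmp", "direction": "EGRESS", "disabled": false,
   "destinationRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "icmp"}]},
  {"name": "disabled-icmp-anywhere", "direction": "INGRESS", "disabled": true,
   "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "icmp"}]}
]
"""

UNRESTRICTED_RANGES = {"0.0.0.0/0", "::/0"}
# "icmp", its IPv4 protocol number, the ICMPv6 protocol number, and "all".
ICMP_PROTOCOLS = {"icmp", "1", "58", "all"}


def unrestricted_icmp_rules(rules_json):
    """Return names of enabled INGRESS rules allowing ICMP from the whole Internet."""
    findings = []
    for rule in json.loads(rules_json):
        if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled", False):
            continue  # egress or disabled rules are out of scope for this check
        if not UNRESTRICTED_RANGES & set(rule.get("sourceRanges", [])):
            continue  # source is already limited (ranges, tags or service accounts)
        protocols = {a.get("IPProtocol", "").lower() for a in rule.get("allowed", [])}
        if protocols & ICMP_PROTOCOLS:
            findings.append(rule["name"])
    return findings


def remediation_command(rule_name, trusted_ranges):
    """Build the gcloud command that replaces the rule's source ranges with trusted ones."""
    return (f"gcloud compute firewall-rules update {rule_name} "
            f"--source-ranges={','.join(trusted_ranges)}")


if __name__ == "__main__":
    for name in unrestricted_icmp_rules(SAMPLE_RULES_JSON):
        print(f"FINDING: {name} allows ICMP from 0.0.0.0/0")
        print("  fix:", remediation_command(name, ["203.0.113.0/24"]))
```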
Check for Unrestricted ICMP Access
Risk level: High