An attacker sends an ICMP Type 17 Address Mask Request to gather
						information about a target's networking configuration. ICMP Address Mask
						Requests are defined by RFC-950, "Internet Standard Subnetting Procedure."
						An Address Mask Request is an ICMP type 17 message that triggers a remote
						system to respond with a list of its related subnets, as well as its default
						gateway and broadcast address via an ICMP type 18 Address Mask Reply
						datagram. Gathering this type of information helps an attacker plan
						router-based attacks as well as denial-of-service attacks against the
						broadcast address. Many modern operating systems will not respond to ICMP
						type 17 messages for security reasons. Determining whether a system or
						router will respond to an ICMP Address Mask Request helps the attacker
						determine operating system or firmware version. Additionally, because these
						types of messages are rare they are easily spotted by intrusion detection
						systems. Many ICMP scanning tools support IP spoofing to help conceal the
						origin of the actual request among a storm of similar ICMP messages. It is a
						common practice for border firewalls and gateways to be configured to block
						ingress ICMP type 17 and egress ICMP type 18 messages.