There's an interesting program over at sourceforge, ICMP-Chatwhich gives allows you to communicate with someone purely over ICMP (you can choose which type of ICMP message is used).
This provides a good illustration of the dangers in security of assuming that a system or protocol will only be used for its intended, or well known, purpose.
In this example this program could probably be used to bypass firewall infrastructure in some companies, as many people allow ICMP through for troubleshooting purposes, where all TCP and UDP connections will be locked down.
That brings me on to another point, which is the futility of disallowing protocols based on the fact that they can be used for file-transfer. In some setups I've seen people will block incoming FTP but not HTTP. Now that doesn't make a lot of sense when you realise that HTTP is a generic content transfer protocol and can be used for a wide variety of things like file transfer and, of course, remote control.
You don't see many companies allowing inbound connections for protocols like PC-Anywhere, but with HTTP allowed, services like GoToMyPC allow very similar functionality.
An mitigation for this kind of risk is to apply more application level controls over all protcols allowed through security perimiters, as at the application layer there is a better understanding of what the purpose of the communication is...
