>
> The main objective is to block all incoming IGMP, ICMP, UDP and TCP to
> any box that is not expressly set up for access from the outside, such as
> a mail server, DNS server, and Web Server, etc.
Just make sure that any application that is supposed to be accessible from the outside, such as a mail server, DNS server and web server, have the appropriate ICMP types allowed. ICMP is an important protocol for regulating traffic and if you for instance block Path MTU Discovery you might make your server inaccessible to some.
Jochem
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
