well you could get an icmp flood but the problem is that you become a
security threath :)... you will becore a smurf relay... People from the
outisde world can spoof ping your broadcast addresss and all your host
will respond back...
I had to have an explicity deny to all my boradcast addresses before the
icmp any any...
What i don't understand is when you have no ip directed-broadcast on your
routers pings to x.x.x.255 still get through..!!
Nimesh.
On Fri, 21 Jul 2000, Samuel Rey wrote:
> My pix firewall has the following in its current config
>
> conduit permit icmp any any
>
> Is there any security risks to our internal network with this configuration
>
> Appreciate the help
>
> Sam
>
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
