"if you block ICMP, you break IP.  That's the bottom line, and nobody can
argue that."

Sorry, but I can and will argue with that.  ICMP relies on IP, not the other
way around.  IP works with or without ICMP.  RFC792, which defines ICMP,
states "The purpose of these control messages is to provide feedback about
problems in the communication environment, not to make IP reliable."

It also states that "ICMP is actually an integral part of IP, and must be
implemented by every IP module", but that only means that anything that has
an IP address must also understand ICMP.  It does NOT mean (IMO) that I must
accept ICMP across my firewall.



-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Russ Uhte (Lists)
Sent: Friday, July 09, 2004 2:52 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail

At 01:38 PM 7/9/2004, Dan Horne wrote:
>Ah, but you DO recognize that ICMP is a threat, and so you have set 
>access-rules on it.  That was my main point.  And as Sandy pointed out,

Obviously ICMP _CAN_ be a security risk, but so is having your network
connected to the Internet.  I know a lot of admins that block ICMP for a
plethora of reasons.  At this point, this is probably getting a little
off-topic, but in reality, if you block ICMP, you break IP.  That's the
bottom line, and nobody can argue that.  So, everyone does what he/she needs
to do to sleep better at night, and if this includes blocking ICMP, then so
be it...  But I'm gonna have to agree with Scott when he said "I can't ping
you, fix that problem first!!"

-Russ 

---
[This E-mail scanned for viruses by Declude Virus]

---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail".  The archives can be found
at http://www.mail-archive.com.
