Actually Russ, ICMP still works. Can you ping 127.0.0.1, the local loop back? Can you ping other items on your local network? It comes down intranet vs internet separated by a firewall. Many corporations kill ICMP externally, but it works fine internally and is used as intended OR they allow outgoing only on the intranet and outgoing/incoming to the DMZ.
Since I deal with security, I get to read firewall logs (real boring). We get a number of ping attacks (DOS attempts) and/or ping scans (up and down the range from same ip) per day...script monkey's looking for a way in. If you ever go through a security audit like we do, you'll understand. ----- Original Message ----- From: "Russ Uhte (Lists)" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, July 09, 2004 3:16 PM Subject: Re: [Declude.JunkMail] NOW OT: ICMP > At 03:03 PM 7/9/2004, Dan Horne wrote: > >"if you block ICMP, you break IP. That's the bottom line, and nobody can > >argue that." > > > >Sorry, but I can and will argue with that. ICMP relies on IP, not the other > >way around. IP works with or without ICMP. RFC792, which defines ICMP, > >states "The purpose of these control messages is to provide feedback about > >problems in the communication environment, not to make IP reliable." > > Acknowledged!! > > >It also states that "ICMP is actually an integral part of IP, and must be > >implemented by every IP module", but that only means that anything that has > >an IP address must also understand ICMP. It does NOT mean (IMO) that I must > >accept ICMP across my firewall. > > I guess this is open to interpretation. My interpretation is that if my > machine is behind an ICMP blocking firewall, ICMP is no longer actually > implemented on my machine because ICMP no longer works on my > machine. Again, just my personal interpretation. > > -Russ > > --- > [This E-mail scanned for viruses by Declude Virus] > > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.JunkMail". The archives can be found > at http://www.mail-archive.com. > > *Scanned for viruses by Declude Virus* > > *Scanned for viruses by Declude Virus* --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
