> -----Original Message-----
> From: Pierre Fortin [mailto:[EMAIL PROTECTED]]
> 
> ICMP pings are neither TCP nor UDP, so echo and echo-udp are 
> unrelated.  You'll have to block them with iptables (-p 
> icmp).  The only use ICMP pings serve for the kiddie sweepers 
> is to determine that the IP address is alive.  ICMP doesn't 
> relate to TCP/UDP ports.

A few notes:

Blocking incoming ICMP pings doesn't make you undetectable. Blocking pings
for this reason induces a false sense of security.
Also note that blocking ALL ICMP is a 'bad thing'.
You really want to be able to _receive_ ICMP type 3 (Destination
Unreachable) and type 11 (Time Exceeded).
I'd argue it's polite to allow them to be sent.
You most likely want to ping things yourself, so allow outgoing type 8 and
incoming type 0 (the echo replies).
Again, if you want to ping, it's polite to reciprocate.

We allow types 0,3,8 and 11 to transit the firewall both ways. All other
ICMP we block.
Note that you should block ALL ICMP destined for a broadcast address.
Failing to do so makes you a 'SMURF AMP'.
A quick Google for ICMP and firewalls should help more.

http://www.cotse.com/icmptypes.html is a good resource.

Cheers Sy
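
The policy described in the reply above, written out as iptables rules. This is an added example, not part of the original message or anyone's actual firewall; the chain name ICMP_POLICY and the sample broadcast address 192.0.2.255 are assumptions. The function only prints the commands, so the ruleset can be reviewed before it is applied.

```shell
#!/bin/sh
# Added example: prints iptables commands for the ICMP policy in the message
# above (types 0, 3, 8 and 11 allowed both ways, everything else dropped,
# nothing to a broadcast address). It does not touch the running firewall.
# To apply as root after review:  icmp_policy 192.0.2.255 | sh

# 0 = echo reply, 3 = destination unreachable,
# 8 = echo request, 11 = time exceeded
ALLOWED_TYPES="0 3 8 11"

# Arguments: directed-broadcast addresses of the networks behind the firewall
# (assumption: the caller knows them; 192.0.2.255 is a constructed sample).
icmp_policy() {
    # Validate every argument first: the output is meant to be piped to a
    # root shell, so anything that is not digits and dots is refused.
    for bcast in "$@"; do
        case $bcast in
            ''|*[!0-9.]*) echo "bad address: $bcast" >&2; return 1 ;;
        esac
    done

    # One dedicated chain (hypothetical name) keeps the policy in one place.
    echo "iptables -N ICMP_POLICY"

    # 1. Drop ICMP aimed at a broadcast address before any ACCEPT rule,
    #    otherwise an allowed echo request to broadcast gets through.
    echo "iptables -A ICMP_POLICY -p icmp -m addrtype --dst-type BROADCAST -j DROP"
    for bcast in "$@"; do
        echo "iptables -A ICMP_POLICY -p icmp -d $bcast -j DROP"
    done

    # 2. Accept the four allowed types.
    for t in $ALLOWED_TYPES; do
        echo "iptables -A ICMP_POLICY -p icmp --icmp-type $t -j ACCEPT"
    done

    # 3. Drop every other ICMP type.
    echo "iptables -A ICMP_POLICY -p icmp -j DROP"

    # Send ICMP through the chain in both directions and when forwarded.
    # -A appends, so earlier rules in these chains still take precedence.
    for chain in INPUT OUTPUT FORWARD; do
        echo "iptables -A $chain -p icmp -j ICMP_POLICY"
    done
}
```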


