I always set up firewalls to respond to (filtered) ICMP echo requests: it's very good for troubleshooting. It's important to set up filters against flood ping attacks (mostly from the local LAN), but I use a size limit too.
Németh István

Linux on 390 Port <[email protected]> wrote on 2005.04.13 at 13:36:46:

> On Tue, 2005-04-12 at 16:35 -0500, McKown, John wrote:
> > Also, I don't respond to "pings" from outside.
>
> There is a school of thought that says that your firewall is broken.
> RFC1122: "Every host MUST implement an ICMP Echo server function that
> receives Echo Requests and sends corresponding Echo Replies".
>
> (However the RFC bends a little, allowing you to silently discard ICMP
> echo requests that arrive on a broadcast address.)
>
> As a practical matter, disabling ICMP echo reply does little to improve
> security on your end. Run something like nessus against your site from
> the outside and see what it finds.
>
> --
> David Andrews
> A. Duda and Sons, Inc.
> [EMAIL PROTECTED]
>
> ----------------------------------------------------------------------
> For LINUX-390 subscribe / signoff / archive access instructions,
> send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
> http://www.marist.edu/htbin/wlvindex?LINUX-390
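
The policy described in the message above (answer echo requests, but filter floods and oversized pings), as an added example in iptables-restore format; it is not from the original post. The chain name ICMP_ECHO, the 128-byte ceiling and the 5/second rate are assumed values to tune per site.

```iptables
# Constructed example ruleset, load with: iptables-restore < this-file
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Hypothetical user chain that holds the echo-request policy
:ICMP_ECHO - [0:0]

-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Every inbound echo request is judged in its own chain
-A INPUT -p icmp --icmp-type echo-request -j ICMP_ECHO

# Size limit: a default Linux ping is 84 bytes of IP datagram
# (20 IP header + 8 ICMP header + 56 data). Anything above the
# assumed 128-byte ceiling is dropped before it can be answered.
-A ICMP_ECHO -m length --length 129:65535 -j DROP

# Flood filter: one shared token bucket for all sources. Requests
# within the assumed 5/second rate (burst of 10) get an echo reply.
-A ICMP_ECHO -m limit --limit 5/second --limit-burst 10 -j ACCEPT

# Over the rate: drop silently so the host stays pingable for
# troubleshooting without amplifying a flood.
-A ICMP_ECHO -j DROP

COMMIT
```

Because `-m limit` is a single bucket, one flooding host can use up the allowance for everyone; the packet counters from `iptables -L ICMP_ECHO -v -n` show how often each DROP rule is hit.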
